Medium severity6.5NVD Advisory· Published Dec 11, 2017· Updated May 13, 2026

CVE-2017-17506

Description

In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

Affected products

Hdfgroup/Hdf5
cpe:2.3:a:hdfgroup:hdf5:*:*:*:*:*:*:*:*
Range: >=1.8.0,<=1.10.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/xiaoqx/pocs/tree/master/hdf5/readme.mdnvdExploitThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000