High severity8.8NVD Advisory· Published Dec 11, 2017· Updated May 13, 2026

CVE-2017-17509

Description

In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file.

Affected products

Hdfgroup/Hdf5
cpe:2.3:a:hdfgroup:hdf5:1.10.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/xiaoqx/pocs/tree/master/hdf5/readme.mdnvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000