rpm package

opensuse/openmpi4-testsuite&distro=openSUSE Leap 15.5

pkg:rpm/opensuse/openmpi4-testsuite&distro=openSUSE%20Leap%2015.5

Vulnerabilities (13)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2024-32608		—	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	Oct 9, 2024	HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
CVE-2024-33875		—	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	May 9, 2024	HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the instruction pointer.
CVE-2024-33874		—	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	May 9, 2024	HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c.
CVE-2024-33873		—	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	May 9, 2024	HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c.
CVE-2024-32620		—	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	May 9, 2024	HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the instruction pointer.
CVE-2024-32619		—	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	May 9, 2024	HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer.
CVE-2024-32614		—	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	May 9, 2024	HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.
CVE-2024-32610		—	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	May 9, 2024	HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, resulting in a corrupted instruction pointer.
CVE-2024-29166		—	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	May 9, 2024	HDF5 through 1.14.3 contains a buffer overflow in H5O__linfo_decode, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
CVE-2024-29161		—	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	May 9, 2024	HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
CVE-2024-29158		—	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	May 9, 2024	HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
CVE-2018-11205	Hig	8.1	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	May 16, 2018	A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
CVE-2017-17507	Med	6.5	< 4.1.4-150500.3.2.1	4.1.4-150500.3.2.1	Dec 11, 2017	In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5T_conv_struct_opt in H5Tconv.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

CVE-2024-32608Oct 9, 2024
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
CVE-2024-33875May 9, 2024
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the instruction pointer.
CVE-2024-33874May 9, 2024
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c.
CVE-2024-33873May 9, 2024
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c.
CVE-2024-32620May 9, 2024
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the instruction pointer.
CVE-2024-32619May 9, 2024
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer.
CVE-2024-32614May 9, 2024
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.
CVE-2024-32610May 9, 2024
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, resulting in a corrupted instruction pointer.
CVE-2024-29166May 9, 2024
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
HDF5 through 1.14.3 contains a buffer overflow in H5O__linfo_decode, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
CVE-2024-29161May 9, 2024
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
CVE-2024-29158May 9, 2024
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
CVE-2018-11205HigMay 16, 2018
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
CVE-2017-17507MedDec 11, 2017
affected < 4.1.4-150500.3.2.1fixed 4.1.4-150500.3.2.1
In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5T_conv_struct_opt in H5Tconv.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.