rpm package

suse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=SUSE Linux Enterprise Module for HPC 15 SP3

pkg:rpm/suse/hdf5_1_10_8-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3

Vulnerabilities (26)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2021-37501		—	< 1.10.8-150300.4.9.1	1.10.8-150300.4.9.1	Feb 3, 2023	Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c.
CVE-2021-46244		—	< 1.10.8-150300.4.6.1	1.10.8-150300.4.6.1	Jan 21, 2022	A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).
CVE-2021-46242		—	< 1.10.8-150300.4.6.1	1.10.8-150300.4.6.1	Jan 21, 2022	HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.
CVE-2021-45833		—	< 1.10.8-150300.4.6.1	1.10.8-150300.4.6.1	Jan 5, 2022	A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).
CVE-2021-45830		—	< 1.10.8-150300.4.6.1	1.10.8-150300.4.6.1	Jan 5, 2022	A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.
CVE-2020-10809		—	< 1.10.8-150300.4.3.1	1.10.8-150300.4.3.1	Mar 22, 2020	An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service.
CVE-2020-10810		—	< 1.10.8-150300.4.3.1	1.10.8-150300.4.3.1	Mar 22, 2020	An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service.
CVE-2020-10811		—	< 1.10.8-150300.4.3.1	1.10.8-150300.4.3.1	Mar 22, 2020	An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service.
CVE-2020-10812		—	< 1.10.8-150300.4.6.1	1.10.8-150300.4.6.1	Mar 22, 2020	An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service.
CVE-2019-8396		—	< 1.10.8-150300.4.6.1	1.10.8-150300.4.6.1	Feb 17, 2019	A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2."
CVE-2018-17439	Med	6.5	< 1.10.8-150300.4.6.1	1.10.8-150300.4.6.1	Sep 24, 2018	An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.
CVE-2018-17438	Med	6.5	< 1.10.8-150300.4.3.1	1.10.8-150300.4.3.1	Sep 24, 2018	A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17437	Med	6.5	< 1.10.8-150300.4.3.1	1.10.8-150300.4.3.1	Sep 24, 2018	Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-17436	Med	6.5	< 1.10.8-150300.4.3.1	1.10.8-150300.4.3.1	Sep 24, 2018	ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
CVE-2018-17434	Med	6.5	< 1.10.8-150300.4.3.1	1.10.8-150300.4.3.1	Sep 24, 2018	A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17433	Med	6.5	< 1.10.8-150300.4.3.1	1.10.8-150300.4.3.1	Sep 24, 2018	A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
CVE-2018-17432	Med	6.5	< 1.10.8-150300.4.3.1	1.10.8-150300.4.3.1	Sep 24, 2018	A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
CVE-2018-17237	Med	6.5	< 1.10.8-150300.4.3.1	1.10.8-150300.4.3.1	Sep 20, 2018	A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.
CVE-2018-17234	Med	6.5	< 1.10.8-150300.4.3.1	1.10.8-150300.4.3.1	Sep 20, 2018	Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-16438	Hig	8.8	< 1.10.8-150300.4.6.1	1.10.8-150300.4.6.1	Sep 4, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.

CVE-2021-37501Feb 3, 2023
affected < 1.10.8-150300.4.9.1fixed 1.10.8-150300.4.9.1
Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c.
CVE-2021-46244Jan 21, 2022
affected < 1.10.8-150300.4.6.1fixed 1.10.8-150300.4.6.1
A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).
CVE-2021-46242Jan 21, 2022
affected < 1.10.8-150300.4.6.1fixed 1.10.8-150300.4.6.1
HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.
CVE-2021-45833Jan 5, 2022
affected < 1.10.8-150300.4.6.1fixed 1.10.8-150300.4.6.1
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).
CVE-2021-45830Jan 5, 2022
affected < 1.10.8-150300.4.6.1fixed 1.10.8-150300.4.6.1
A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.
CVE-2020-10809Mar 22, 2020
affected < 1.10.8-150300.4.3.1fixed 1.10.8-150300.4.3.1
An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service.
CVE-2020-10810Mar 22, 2020
affected < 1.10.8-150300.4.3.1fixed 1.10.8-150300.4.3.1
An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service.
CVE-2020-10811Mar 22, 2020
affected < 1.10.8-150300.4.3.1fixed 1.10.8-150300.4.3.1
An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service.
CVE-2020-10812Mar 22, 2020
affected < 1.10.8-150300.4.6.1fixed 1.10.8-150300.4.6.1
An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service.
CVE-2019-8396Feb 17, 2019
affected < 1.10.8-150300.4.6.1fixed 1.10.8-150300.4.6.1
A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2."
CVE-2018-17439MedSep 24, 2018
affected < 1.10.8-150300.4.6.1fixed 1.10.8-150300.4.6.1
An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.
CVE-2018-17438MedSep 24, 2018
affected < 1.10.8-150300.4.3.1fixed 1.10.8-150300.4.3.1
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17437MedSep 24, 2018
affected < 1.10.8-150300.4.3.1fixed 1.10.8-150300.4.3.1
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-17436MedSep 24, 2018
affected < 1.10.8-150300.4.3.1fixed 1.10.8-150300.4.3.1
ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
CVE-2018-17434MedSep 24, 2018
affected < 1.10.8-150300.4.3.1fixed 1.10.8-150300.4.3.1
A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17433MedSep 24, 2018
affected < 1.10.8-150300.4.3.1fixed 1.10.8-150300.4.3.1
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
CVE-2018-17432MedSep 24, 2018
affected < 1.10.8-150300.4.3.1fixed 1.10.8-150300.4.3.1
A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
CVE-2018-17237MedSep 20, 2018
affected < 1.10.8-150300.4.3.1fixed 1.10.8-150300.4.3.1
A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.
CVE-2018-17234MedSep 20, 2018
affected < 1.10.8-150300.4.3.1fixed 1.10.8-150300.4.3.1
Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-16438HigSep 4, 2018
affected < 1.10.8-150300.4.6.1fixed 1.10.8-150300.4.6.1
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.

Page 1 of 2