rpm package

suse/hdf5_1_10_8-gnu-openmpi3-hpc&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

pkg:rpm/suse/hdf5_1_10_8-gnu-openmpi3-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS

Vulnerabilities (37)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2018-16438	Hig	8.8	< 1.10.8-150200.8.7.1	1.10.8-150200.8.7.1	Sep 4, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.
CVE-2018-14460	Hig	8.8	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	Jul 20, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.
CVE-2018-14033	Hig	8.8	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	Jul 13, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.
CVE-2018-14031	Hig	8.8	< 1.10.8-150200.8.7.1	1.10.8-150200.8.7.1	Jul 13, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.
CVE-2018-13870	Cri	9.8	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	Jul 10, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.
CVE-2018-13869	Cri	9.8	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	Jul 10, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.
CVE-2018-13867	Cri	9.8	< 1.10.8-150200.8.7.1	1.10.8-150200.8.7.1	Jul 10, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c.
CVE-2018-11207	Med	6.5	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	May 16, 2018	A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
CVE-2018-11206	Hig	8.1	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	May 16, 2018	An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
CVE-2018-11205	Hig	8.1	< 1.10.8-150200.8.7.1	1.10.8-150200.8.7.1	May 16, 2018	A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
CVE-2018-11204	Med	6.5	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	May 16, 2018	A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
CVE-2018-11203	Med	6.5	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	May 16, 2018	A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
CVE-2018-11202	Med	6.5	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	May 16, 2018	A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
CVE-2017-17509	Hig	8.8	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	Dec 11, 2017	In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file.
CVE-2017-17508	Med	6.5	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	Dec 11, 2017	In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
CVE-2017-17506	Med	6.5	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	Dec 11, 2017	In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
CVE-2017-17505	Med	6.5	< 1.10.8-150200.8.4.2	1.10.8-150200.8.4.2	Dec 11, 2017	In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

CVE-2018-16438HigSep 4, 2018
affected < 1.10.8-150200.8.7.1fixed 1.10.8-150200.8.7.1
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.
CVE-2018-14460HigJul 20, 2018
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.
CVE-2018-14033HigJul 13, 2018
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.
CVE-2018-14031HigJul 13, 2018
affected < 1.10.8-150200.8.7.1fixed 1.10.8-150200.8.7.1
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.
CVE-2018-13870CriJul 10, 2018
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.
CVE-2018-13869CriJul 10, 2018
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.
CVE-2018-13867CriJul 10, 2018
affected < 1.10.8-150200.8.7.1fixed 1.10.8-150200.8.7.1
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c.
CVE-2018-11207MedMay 16, 2018
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
CVE-2018-11206HigMay 16, 2018
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
CVE-2018-11205HigMay 16, 2018
affected < 1.10.8-150200.8.7.1fixed 1.10.8-150200.8.7.1
A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
CVE-2018-11204MedMay 16, 2018
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
CVE-2018-11203MedMay 16, 2018
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
CVE-2018-11202MedMay 16, 2018
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
CVE-2017-17509HigDec 11, 2017
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file.
CVE-2017-17508MedDec 11, 2017
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
CVE-2017-17506MedDec 11, 2017
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
CVE-2017-17505MedDec 11, 2017
affected < 1.10.8-150200.8.4.2fixed 1.10.8-150200.8.4.2
In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.

Page 2 of 2