rpm package
suse/hdf5_1_10_8-gnu-openmpi4-hpc&distro=SUSE Linux Enterprise Module for HPC 15 SP4
pkg:rpm/suse/hdf5_1_10_8-gnu-openmpi4-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP4
Vulnerabilities (12)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-37501 | — | < 1.10.8-150400.3.6.1 | 1.10.8-150400.3.6.1 | Feb 3, 2023 | Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c. | ||
| CVE-2021-46244 | — | < 1.10.8-150400.3.3.1 | 1.10.8-150400.3.3.1 | Jan 21, 2022 | A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS). | ||
| CVE-2021-46242 | — | < 1.10.8-150400.3.3.1 | 1.10.8-150400.3.3.1 | Jan 21, 2022 | HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry. | ||
| CVE-2021-45833 | — | < 1.10.8-150400.3.3.1 | 1.10.8-150400.3.3.1 | Jan 5, 2022 | A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent). | ||
| CVE-2021-45830 | — | < 1.10.8-150400.3.3.1 | 1.10.8-150400.3.3.1 | Jan 5, 2022 | A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service. | ||
| CVE-2020-10812 | — | < 1.10.8-150400.3.3.1 | 1.10.8-150400.3.3.1 | Mar 22, 2020 | An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service. | ||
| CVE-2019-8396 | — | < 1.10.8-150400.3.3.1 | 1.10.8-150400.3.3.1 | Feb 17, 2019 | A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2." | ||
| CVE-2018-17439 | Med | 6.5 | < 1.10.8-150400.3.3.1 | 1.10.8-150400.3.3.1 | Sep 24, 2018 | An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file. | |
| CVE-2018-16438 | Hig | 8.8 | < 1.10.8-150400.3.3.1 | 1.10.8-150400.3.3.1 | Sep 4, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c. | |
| CVE-2018-14031 | Hig | 8.8 | < 1.10.8-150400.3.3.1 | 1.10.8-150400.3.3.1 | Jul 13, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c. | |
| CVE-2018-13867 | Cri | 9.8 | < 1.10.8-150400.3.3.1 | 1.10.8-150400.3.3.1 | Jul 10, 2018 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c. | |
| CVE-2018-11205 | Hig | 8.1 | < 1.10.8-150400.3.3.1 | 1.10.8-150400.3.3.1 | May 16, 2018 | A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack. |
- CVE-2021-37501Feb 3, 2023affected < 1.10.8-150400.3.6.1fixed 1.10.8-150400.3.6.1
Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c.
- CVE-2021-46244Jan 21, 2022affected < 1.10.8-150400.3.3.1fixed 1.10.8-150400.3.3.1
A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).
- CVE-2021-46242Jan 21, 2022affected < 1.10.8-150400.3.3.1fixed 1.10.8-150400.3.3.1
HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.
- CVE-2021-45833Jan 5, 2022affected < 1.10.8-150400.3.3.1fixed 1.10.8-150400.3.3.1
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).
- CVE-2021-45830Jan 5, 2022affected < 1.10.8-150400.3.3.1fixed 1.10.8-150400.3.3.1
A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.
- CVE-2020-10812Mar 22, 2020affected < 1.10.8-150400.3.3.1fixed 1.10.8-150400.3.3.1
An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service.
- CVE-2019-8396Feb 17, 2019affected < 1.10.8-150400.3.3.1fixed 1.10.8-150400.3.3.1
A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2."
- affected < 1.10.8-150400.3.3.1fixed 1.10.8-150400.3.3.1
An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.
- affected < 1.10.8-150400.3.3.1fixed 1.10.8-150400.3.3.1
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.
- affected < 1.10.8-150400.3.3.1fixed 1.10.8-150400.3.3.1
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.
- affected < 1.10.8-150400.3.3.1fixed 1.10.8-150400.3.3.1
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c.
- affected < 1.10.8-150400.3.3.1fixed 1.10.8-150400.3.3.1
A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.