rpm package

suse/suse-hpc&distro=SUSE Linux Enterprise High Performance Computing 15-LTSS

pkg:rpm/suse/suse-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS

Vulnerabilities (26)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2020-10809		—	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Mar 22, 2020	An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service.
CVE-2020-10810		—	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Mar 22, 2020	An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service.
CVE-2020-10811		—	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Mar 22, 2020	An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service.
CVE-2018-17438	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Sep 24, 2018	A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17437	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Sep 24, 2018	Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-17436	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Sep 24, 2018	ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
CVE-2018-17435	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Sep 24, 2018	A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.
CVE-2018-17434	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Sep 24, 2018	A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17433	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Sep 24, 2018	A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
CVE-2018-17432	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Sep 24, 2018	A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
CVE-2018-17237	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Sep 20, 2018	A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.
CVE-2018-17234	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Sep 20, 2018	Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-17233	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Sep 20, 2018	A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service a
CVE-2018-14460	Hig	8.8	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Jul 20, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.
CVE-2018-14033	Hig	8.8	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Jul 13, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.
CVE-2018-13870	Cri	9.8	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Jul 10, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.
CVE-2018-13869	Cri	9.8	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	Jul 10, 2018	An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.
CVE-2018-11207	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	May 16, 2018	A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
CVE-2018-11206	Hig	8.1	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	May 16, 2018	An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
CVE-2018-11204	Med	6.5	< 0.5.20220206.0c6b168-150000.11.3.1	0.5.20220206.0c6b168-150000.11.3.1	May 16, 2018	A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.

CVE-2020-10809Mar 22, 2020
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service.
CVE-2020-10810Mar 22, 2020
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service.
CVE-2020-10811Mar 22, 2020
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service.
CVE-2018-17438MedSep 24, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17437MedSep 24, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-17436MedSep 24, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
CVE-2018-17435MedSep 24, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.
CVE-2018-17434MedSep 24, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVE-2018-17433MedSep 24, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
CVE-2018-17432MedSep 24, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
CVE-2018-17237MedSep 20, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.
CVE-2018-17234MedSep 20, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVE-2018-17233MedSep 20, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service a
CVE-2018-14460HigJul 20, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.
CVE-2018-14033HigJul 13, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.
CVE-2018-13870CriJul 10, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.
CVE-2018-13869CriJul 10, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.
CVE-2018-11207MedMay 16, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
CVE-2018-11206HigMay 16, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
CVE-2018-11204MedMay 16, 2018
affected < 0.5.20220206.0c6b168-150000.11.3.1fixed 0.5.20220206.0c6b168-150000.11.3.1
A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.

Page 1 of 2