HDF5 Library
by HDF Group
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-32622 | Cri | 0.59 | 9.1 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c (called from H5S_set_extent_simple in H5S.c). | ||
| CVE-2024-32614 | Hig | 0.57 | 8.8 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c. | ||
| CVE-2024-32616 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5O__dtype_encode_helper in H5Odtype.c. | ||
| CVE-2024-32612 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5HL__fl_deserialize in H5HLcache.c, resulting in the corruption of the instruction pointer, a different vulnerability than CVE-2024-32613. | ||
| CVE-2024-33876 | Med | 0.37 | 5.7 | 0.00 | May 14, 2024 | HDF5 Library through 1.14.3 has a heap buffer overflow in H5S__point_deserialize in H5Spoint.c. |
- risk 0.59cvss 9.1epss 0.01
HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c (called from H5S_set_extent_simple in H5S.c).
- risk 0.57cvss 8.8epss 0.01
HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.
- risk 0.48cvss 7.4epss 0.00
HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5O__dtype_encode_helper in H5Odtype.c.
- risk 0.48cvss 7.4epss 0.00
HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5HL__fl_deserialize in H5HLcache.c, resulting in the corruption of the instruction pointer, a different vulnerability than CVE-2024-32613.
- risk 0.37cvss 5.7epss 0.00
HDF5 Library through 1.14.3 has a heap buffer overflow in H5S__point_deserialize in H5Spoint.c.