The HDF Group
Products
1- 19 CVEs
Recent CVEs
19| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-32608 | Cri | 0.64 | 9.8 | 0.01 | Oct 9, 2024 | HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||
| CVE-2024-33874 | Cri | 0.64 | 9.8 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c. | ||
| CVE-2024-32621 | Cri | 0.64 | 9.8 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HG_read in H5HG.c (called from H5VL__native_blob_get in H5VLnative_blob.c), resulting in the corruption of the instruction pointer. | ||
| CVE-2024-32611 | Cri | 0.64 | 9.8 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 may use an uninitialized value in H5A__attr_release_table in H5Aint.c. | ||
| CVE-2024-33877 | Hig | 0.57 | 8.8 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__conv_struct_opt in H5Tconv.c. | ||
| CVE-2024-33873 | Hig | 0.57 | 8.8 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c. | ||
| CVE-2024-32623 | Hig | 0.57 | 8.8 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c (called from H5S_select_elements in H5Spoint.c). | ||
| CVE-2024-32617 | Hig | 0.57 | 8.8 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called from H5G__ent_to_link in H5Glink.c). | ||
| CVE-2024-32605 | Hig | 0.57 | 8.8 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_memcpyvv in H5VM.c (called from H5D__compact_readvv in H5Dcompact.c). | ||
| CVE-2024-29161 | Hig | 0.57 | 8.8 | 0.01 | May 14, 2024 | HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||
| CVE-2024-32609 | Hig | 0.49 | 7.5 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c. | ||
| CVE-2024-32624 | Hig | 0.48 | 7.4 | 0.01 | May 14, 2024 | HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__ref_mem_setnull in H5Tref.c (called from H5T__conv_ref in H5Tconv.c), resulting in the corruption of the instruction pointer. | ||
| CVE-2024-32620 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the instruction pointer. | ||
| CVE-2024-32619 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer. | ||
| CVE-2024-32618 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__get_native_type in H5Tnative.c, resulting in the corruption of the instruction pointer. | ||
| CVE-2024-32613 | Hig | 0.48 | 7.4 | 0.00 | May 14, 2024 | HDF5 Library through 1.14.3 contains a heap-based buffer over-read in the function H5HL__fl_deserialize in H5HLcache.c, a different vulnerability than CVE-2024-32612. | ||
| CVE-2024-33875 | Med | 0.37 | 5.7 | 0.00 | May 14, 2024 | HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the instruction pointer. | ||
| CVE-2024-32610 | Med | 0.37 | 5.7 | 0.00 | May 14, 2024 | HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, resulting in a corrupted instruction pointer. | ||
| CVE-2024-32607 | Med | 0.37 | 5.7 | 0.00 | May 14, 2024 | HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the instruction pointer. |
- risk 0.64cvss 9.8epss 0.01
HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
- risk 0.64cvss 9.8epss 0.01
HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c.
- risk 0.64cvss 9.8epss 0.01
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HG_read in H5HG.c (called from H5VL__native_blob_get in H5VLnative_blob.c), resulting in the corruption of the instruction pointer.
- risk 0.64cvss 9.8epss 0.01
HDF5 Library through 1.14.3 may use an uninitialized value in H5A__attr_release_table in H5Aint.c.
- risk 0.57cvss 8.8epss 0.01
HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__conv_struct_opt in H5Tconv.c.
- risk 0.57cvss 8.8epss 0.01
HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c.
- risk 0.57cvss 8.8epss 0.01
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c (called from H5S_select_elements in H5Spoint.c).
- risk 0.57cvss 8.8epss 0.01
HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called from H5G__ent_to_link in H5Glink.c).
- risk 0.57cvss 8.8epss 0.01
HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_memcpyvv in H5VM.c (called from H5D__compact_readvv in H5Dcompact.c).
- risk 0.57cvss 8.8epss 0.01
HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.
- risk 0.49cvss 7.5epss 0.01
HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c.
- risk 0.48cvss 7.4epss 0.01
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__ref_mem_setnull in H5Tref.c (called from H5T__conv_ref in H5Tconv.c), resulting in the corruption of the instruction pointer.
- risk 0.48cvss 7.4epss 0.00
HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the instruction pointer.
- risk 0.48cvss 7.4epss 0.00
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer.
- risk 0.48cvss 7.4epss 0.00
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__get_native_type in H5Tnative.c, resulting in the corruption of the instruction pointer.
- risk 0.48cvss 7.4epss 0.00
HDF5 Library through 1.14.3 contains a heap-based buffer over-read in the function H5HL__fl_deserialize in H5HLcache.c, a different vulnerability than CVE-2024-32612.
- risk 0.37cvss 5.7epss 0.00
HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the instruction pointer.
- risk 0.37cvss 5.7epss 0.00
HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, resulting in a corrupted instruction pointer.
- risk 0.37cvss 5.7epss 0.00
HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the instruction pointer.