HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_memcpyvv in H5VM.c (called from H5D__compact_readvv in H5Dcompact.c).

...

CVE-2024-32605

HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VMmemcpyvv in H5VM.c called from H5Dcompactreadvv in H5Dcompact.c...

CVE-2024-32605

HDF5 Library up to version 1.14.3 is affected by CVE-2024-32605 due to a heap-based buffer over-read in H5VM_memcpyvv (H5VM.c), invoked from H5D__compact_readvv (H5Dcompact.c). This memory-read overrun could lead to memory corruption or a crash. The issue is fixed in 1.14.4; upgrading is recommen...

CVE-2024-32605

HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VMmemcpyvv in H5VM.c called from H5Dcompactreadvv in H5Dcompact.c...

Arbitrary Code Execution

hdf5 is vulnerable to arbitrary code execution. An out-of-bounds read in the function H5VMmemcpyvv in H5VM.c when called from H5Dcompactreadvv in H5Dcompact.c allows an attacker to execute arbitrary code on the host OS...

CVE-2019-9151

An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5VMmemcpyvv in H5VM.c when called from H5Dcompactreadvv in H5Dcompact.c...