Astra Linux – Vulnerability in hdf5

There is a heap-based buffer overflow vulnerability in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially crafted GIF file can lead to code execution. An attacker can provide a malicious file to exploit this vulnerability...

Astra Linux – Vulnerability in hdf5

A SIGFPE signal is raised in the function H5Dcreatechunkfilemaphyper of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempt to parse a crafted HDF file. This occurs due to incorrect protection against division by zero. This could allow a remote denial-of-service attack...

Astra Linux – Vulnerability in hdf5

The HDF5 library from version 1.14.3 has memory corruption in the H5Aclose function, which results in the corruption of the instruction pointer. This causes a denial of service or potentially leads to code execution...

JLSEC-2026-294

HDF5 through 1.14.3 contains a heap buffer overflow in H5Aattrreleasetable, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

JLSEC-2026-310

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Znbitdecompressonebyte in H5Znbit.c, caused by the earlier use of an initialized pointer...

JLSEC-2026-295

HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HGread, resulting in denial of service or potential code execution...

JLSEC-2026-347

A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5Gnodecmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been...

CVE-2025-2915 affecting package hdf5 for versions less than 1.14.6-2

CVE-2025-2915 affecting package hdf5 for versions less than 1.14.6-2. A patched version of the package is available...

Linux Distros Unpatched Vulnerability : CVE-2026-29043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflo...

CVE-2026-29043

HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition in the H5Trefmemsetnull method. This can lead to a denial-of-service condition, and potentially further issues such as remote...

CVE-2026-29043 HDF5 H5T__ref_mem_setnull Heap Buffer Overflow

HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition in the H5Trefmemsetnull method. This can lead to a denial-of-service condition, and potentially further issues such as remote...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the H5Trefmemsetnull function. An attacker can cause a heap buffer overflow by supplying a specially crafted HDF5 .h5 file, which may result in denial of service or potentially allow execution of arbitrary...

Linux Distros Unpatched Vulnerability : CVE-2026-34734

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a maliciou...

CVE-2026-34734 HDF5: H5T__conv_struct Use After Free

HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-free. The freed object is referenced in a memmove call from H5Tconvstruct. The original object was...

CVE-2026-26200

HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on...

Linux Distros Unpatched Vulnerability : CVE-2026-26200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer...

Azure Linux 3.0 Security Update: hdf5 (CVE-2024-29161)

The version of hdf5 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29161 advisory. - HDF5 through 1.14.3 contains a heap buffer overflow in H5Aattrreleasetable, resulting in the corruption of the...

CVE-2025-6858 affecting package hdf5 for versions less than 1.14.6-1

CVE-2025-6858 affecting package hdf5 for versions less than 1.14.6-1. A patched version of the package is available...

CVE-2025-7067 affecting package hdf5 for versions less than 1.14.6-1

CVE-2025-7067 affecting package hdf5 for versions less than 1.14.6-1. A patched version of the package is available...

CVE-2025-6818 affecting package hdf5 for versions less than 1.14.6-1

CVE-2025-6818 affecting package hdf5 for versions less than 1.14.6-1. A patched version of the package is available...