Astra Linux – Vulnerability in hdf5

A issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5Fgetnrefs located in H5Fquery.c. This allows an attacker to cause a Denial of Service attack...

JLSEC-2026-350

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

JLSEC-2026-290

HDF5 through 1.14.3 contains a heap buffer overflow in H5HGread, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

JLSEC-2026-341

A vulnerability has been found in HDF5 up to 1.14.6 and classified as critical. This vulnerability affects the function H5Faddrdecodelen of the file /hdf5/src/H5Fint.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to...

PT-2026-31938

HDF5 is software for managing data. In 1.14.1-2 and earlier, an attacker who can control an h5 file parsed by HDF5 can trigger a write-based heap buffer overflow condition in the H5T ref mem setnull method. This can lead to a denial-of-service condition, and potentially further issues such as...

CVE-2026-34734

HDF5 is software for managing data. In 1.14.1-2 and earlier, a heap-use-after-free was found in the h5dump helper utility. An attacker who can supply a malicious h5 file can trigger a heap use-after-free. The freed object is referenced in a memmove call from H5Tconvstruct. The original object was...

CVE-2026-0897

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...

Linux Distros Unpatched Vulnerability : CVE-2025-2924

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HLfldeserialize of the file src/H5HLcache.c. T...

SUSE CVE-2025-2914

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...

AZL-40705 CVE-2024-32609 affecting package hdf5 for versions less than 1.14.4-1

HDF5 Library through 1.14.3 allows stack consumption in the function H5Eprintfstack in H5Eint.c...

DEBIAN-CVE-2024-29163

HDF5 through 1.14.3 contains a heap buffer overflow in H5Tbitfind, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution...

PT-2023-35865 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow issue has been identified, which can cause a crash. The crash occurs due to a WRITE 1 heap-buffer-overflow. Technical details about the issue include the involvement of...

UBUNTU-CVE-2020-10810

An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5ACunpinentry located in H5AC.c. It allows an attacker to cause Denial of Service...

HDF HDF5 out-of-bounds read vulnerability (CNVD-2019-42548)

HDF5 is a data model, library, and file format for storing and managing data. An out-of-bounds read vulnerability exists in the H5MMxstrdup function in H5MM.c in HDF HDF5 1.10.4 when called from H5Odtypedecodehelper in H5Odtype.c. An attacker could exploit this vulnerability to obtain information...

HDF5 Buffer Overflow Vulnerability

HDF5 is a free suite of tools for managing the storage of different types of data that can be managed, manipulated, viewed, analyzed, and generated in portable formats. A buffer overflow vulnerability exists in the 'H5Osdspacedecode' function of the H5Osdspace.c file in HDF5 version 1.8.20. An...

UBUNTU-CVE-2018-14460

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Osdspacedecode in H5Osdspace.c...