Hdf5 Security Vulnerabilities and Issues — Hdf5 CVE List

Lucene search

HdfgroupHdf5

26 matches found

CVE•added 2024/05/14 3:36 p.m.•104 views

CVE-2024-32610

HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, resulting in a corrupted instruction pointer.

5.7CVSS6.7AI score0.00051EPSS

CVE•added 2024/05/14 3:38 p.m.•102 views

CVE-2024-33875

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the instruction pointer.

5.7CVSS7.4AI score0.00062EPSS

CVE•added 2020/03/22 6:15 p.m.•101 views

CVE-2020-10811

An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service.

5.5CVSS5.6AI score0.00406EPSS

CVE•added 2024/05/14 3:36 p.m.•101 views

CVE-2024-32607

HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the instruction pointer.

5.7CVSS6.9AI score0.00061EPSS

CVE•added 2024/05/14 3:15 p.m.•100 views

CVE-2024-29166

HDF5 through 1.14.3 contains a buffer overflow in H5O__linfo_decode, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.

5.7CVSS8AI score0.00053EPSS

CVE•added 2024/05/14 3:36 p.m.•94 views

CVE-2024-32606

HDF5 Library through 1.14.3 may attempt to dereference uninitialized values in h5tools_str_sprint in tools/lib/h5tools_str.c (called from h5tools_dump_simple_data in tools/lib/h5tools_dump.c).

5.7CVSS6.7AI score0.00135EPSS

CVE•added 2024/05/14 3:38 p.m.•93 views

CVE-2024-33876

HDF5 Library through 1.14.3 has a heap buffer overflow in H5S__point_deserialize in H5Spoint.c.

5.7CVSS7.2AI score0.00075EPSS

CVE•added 2020/03/22 6:15 p.m.•80 views

CVE-2020-10809

An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service.

5.5CVSS5.7AI score0.00479EPSS

CVE•added 2020/03/22 6:15 p.m.•79 views

CVE-2020-10812

An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service.

5.5CVSS5.4AI score0.00095EPSS

CVE•added 2020/03/22 6:15 p.m.•78 views

CVE-2020-10810

An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service.

5.5CVSS5.5AI score0.00171EPSS

CVE•added 2022/01/03 10:15 p.m.•68 views

CVE-2021-45829

HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service.

5.5CVSS5.4AI score0.00266EPSS

CVE•added 2022/01/05 8:15 p.m.•67 views

CVE-2021-45830

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

5.5CVSS5.7AI score0.0009EPSS

CVE•added 2022/01/05 9:15 p.m.•65 views

CVE-2021-45833

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).

5.5CVSS5.5AI score0.0009EPSS

CVE•added 2025/03/28 5:15 p.m.•60 views

CVE-2025-2915

A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5F__accum_free of the file src/H5Faccum.c. The manipulation of the argument overlap_size leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been d...

5.5CVSS7.2AI score0.0002EPSS

CVE•added 2022/01/05 9:15 p.m.•57 views

CVE-2021-45832

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).

5.5CVSS5.3AI score0.00268EPSS

CVE•added 2025/03/28 8:15 p.m.•54 views

CVE-2025-2926

A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5O__cache_chk_serialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public...

5.5CVSS7.1AI score0.00019EPSS

CVE•added 2025/03/28 4:15 p.m.•50 views

CVE-2025-2912

A vulnerability was found in HDF5 up to 1.14.6. It has been declared as problematic. Affected by this vulnerability is the function H5O_msg_flush of the file src/H5Omessage.c. The manipulation of the argument oh leads to heap-based buffer overflow. The attack needs to be approached locally. The exp...

5.3CVSS7.3AI score0.0002EPSS

CVE•added 2025/03/28 8:15 p.m.•50 views

CVE-2025-2924

A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possible to launch the attack on the local host. T...

5.5CVSS7.1AI score0.0002EPSS

CVE•added 2025/03/28 8:15 p.m.•47 views

CVE-2025-2925

A vulnerability has been found in HDF5 up to 1.14.6 and classified as problematic. This vulnerability affects the function H5MM_realloc of the file src/H5MM.c. The manipulation of the argument mem leads to double free. The attack needs to be approached locally. The exploit has been disclosed to the...

5.5CVSS7.1AI score0.0002EPSS

CVE•added 2025/03/28 5:15 p.m.•40 views

CVE-2025-2913

A vulnerability was found in HDF5 up to 1.14.6. It has been rated as problematic. Affected by this issue is the function H5FL__blk_gc_list of the file src/H5FL.c. The manipulation of the argument H5FL_blk_head_t leads to use after free. An attack has to be approached locally. The exploit has been d...

5.3CVSS7AI score0.0002EPSS

CVE•added 2025/06/19 4:15 p.m.•10 views

CVE-2025-6269

A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5C__reconstruct_cache_entry of the file H5Cimage.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the ...

5.3CVSS5.4AI score0.00032EPSS

CVE•added 2025/07/04 6:15 p.m.•10 views

CVE-2025-7067

A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5FS__sinfo_serialize_node_cb of the file src/H5FScache.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclos...

5.5CVSS4AI score0.00025EPSS

CVE•added 2025/07/04 9:15 p.m.•10 views

CVE-2025-7068

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

5.5CVSS3.9AI score0.00025EPSS

CVE•added 2025/07/04 9:15 p.m.•10 views

CVE-2025-7069

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FS__sect_link_size of the file src/H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to...

5.5CVSS4AI score0.00025EPSS

CVE•added 2025/06/19 5:15 p.m.•7 views

CVE-2025-6270

A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FS__sect_find_node of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...

5.3CVSS5.3AI score0.00032EPSS

CVE•added 2025/06/29 11:15 a.m.•7 views

CVE-2025-6858

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the pub...

5.5CVSS7.1AI score0.00025EPSS