Hdf5 Security Vulnerabilities and Issues — Hdf5 CVE List

Lucene search

HdfgroupHdf5

28 matches found

CVE•added 2018/07/20 3:29 p.m.•79 views

CVE-2018-14460

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.

8.8CVSS6.7AI score0.00338EPSS

CVE•added 2018/07/13 2:29 a.m.•77 views

CVE-2018-14033

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.

8.8CVSS6.6AI score0.00569EPSS

CVE•added 2024/05/14 3:36 p.m.•76 views

CVE-2024-32617

HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called from H5G__ent_to_link in H5Glink.c).

8.8CVSS6.9AI score0.00318EPSS

CVE•added 2018/05/16 3:29 p.m.•73 views

CVE-2018-11206

An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.

8.1CVSS6.3AI score0.00648EPSS

CVE•added 2019/02/25 7:29 p.m.•72 views

CVE-2019-9151

An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5VM_memcpyvv in H5VM.c when called from H5D__compact_readvv in H5Dcompact.c.

8.8CVSS8.5AI score0.00418EPSS

CVE•added 2024/05/14 3:36 p.m.•72 views

CVE-2024-32614

HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.

8.8CVSS6.7AI score0.00288EPSS

CVE•added 2024/05/14 3:38 p.m.•66 views

CVE-2024-33873

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c.

8.8CVSS7.3AI score0.00361EPSS

CVE•added 2016/11/18 8:59 p.m.•64 views

CVE-2016-4332

The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This c...

8.6CVSS8.5AI score0.00073EPSS

CVE•added 2018/07/13 2:29 a.m.•63 views

CVE-2018-14031

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.

8.8CVSS8.5AI score0.00291EPSS

CVE•added 2024/05/14 3:15 p.m.•63 views

CVE-2024-29161

HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.

8.8CVSS8AI score0.00297EPSS

CVE•added 2024/05/14 3:38 p.m.•63 views

CVE-2024-33877

HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__conv_struct_opt in H5Tconv.c.

8.8CVSS7.2AI score0.00433EPSS

CVE•added 2024/05/14 3:36 p.m.•61 views

CVE-2024-32605

HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_memcpyvv in H5VM.c (called from H5D__compact_readvv in H5Dcompact.c).

8.8CVSS6.9AI score0.00346EPSS

CVE•added 2024/05/14 3:36 p.m.•61 views

CVE-2024-32623

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c (called from H5S_select_elements in H5Spoint.c).

8.8CVSS7.2AI score0.00433EPSS

CVE•added 2025/03/10 2:15 p.m.•60 views

CVE-2025-2153

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is r...

8.1CVSS7.3AI score0.00074EPSS

CVE•added 2016/11/18 8:59 p.m.•59 views

CVE-2016-4330

In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution.

8.6CVSS8.7AI score0.00108EPSS

CVE•added 2018/05/16 3:29 p.m.•59 views

CVE-2018-11205

A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.

8.1CVSS7.7AI score0.00668EPSS

CVE•added 2018/07/13 2:29 a.m.•57 views

CVE-2018-14035

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c.

8.8CVSS8.7AI score0.00396EPSS

CVE•added 2016/11/18 8:59 p.m.•56 views

CVE-2016-4333

The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the arra...

8.6CVSS8.2AI score0.00109EPSS

CVE•added 2022/01/21 9:15 p.m.•56 views

CVE-2021-46242

HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.

8.8CVSS8.5AI score0.00108EPSS

CVE•added 2016/11/18 8:59 p.m.•55 views

CVE-2016-4331

When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution.

8.6CVSS8.6AI score0.00139EPSS

CVE•added 2018/09/04 12:29 a.m.•52 views

CVE-2018-16438

An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.

8.8CVSS8.4AI score0.00414EPSS

CVE•added 2017/12/11 3:29 a.m.•51 views

CVE-2017-17509

In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file.

8.8CVSS9.1AI score0.00397EPSS

CVE•added 2025/05/30 4:15 a.m.•51 views

CVE-2025-44905

hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.

8.8CVSS8.1AI score0.00059EPSS

CVE•added 2025/05/30 4:15 a.m.•50 views

CVE-2025-44904

hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function.

8.8CVSS8.1AI score0.00059EPSS

CVE•added 2018/07/13 2:29 a.m.•47 views

CVE-2018-14034

An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c.

8.8CVSS8.5AI score0.00396EPSS

CVE•added 2019/02/25 7:29 p.m.•46 views

CVE-2019-9152

An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c.

8.8CVSS8.6AI score0.00396EPSS

CVE•added 2023/08/22 7:15 p.m.•37 views

CVE-2020-18232

Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.

8.8CVSS8.8AI score0.01246EPSS

CVE•added 2023/08/22 7:15 p.m.•28 views

CVE-2020-18494

Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.

8.8CVSS8.8AI score0.01238EPSS