Hdfgroup Hdf5
By the Year
In 2024 there have been 0 vulnerabilities in Hdfgroup Hdf5 . Last year Hdf5 had 3 security vulnerabilities published. Right now, Hdf5 is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 3 | 8.37 |
2022 | 10 | 6.72 |
2021 | 0 | 0.00 |
2020 | 4 | 5.50 |
2019 | 5 | 7.42 |
2018 | 35 | 7.97 |
It may take a day or so for new Hdf5 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Hdfgroup Hdf5 Security Vulnerabilities
Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4
CVE-2020-18494
8.8 - High
- August 22, 2023
Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.
Memory Corruption
Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4
CVE-2020-18232
8.8 - High
- August 22, 2023
Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.
Memory Corruption
Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0
CVE-2021-37501
7.5 - High
- February 03, 2023
Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c.
Memory Corruption
An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4
CVE-2022-25942
7.8 - High
- August 22, 2022
An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
Out-of-bounds Read
An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4
CVE-2022-25972
7.8 - High
- August 22, 2022
An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
Memory Corruption
A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4
CVE-2022-26061
7.8 - High
- August 22, 2022
A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
Memory Corruption
An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5O__dtype_decode_helper () at hdf5/src/H5Odtype.c
CVE-2021-46243
6.5 - Medium
- January 21, 2022
An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5O__dtype_decode_helper () at hdf5/src/H5Odtype.c. This vulnerability can lead to a Denial of Service (DoS).
NULL Pointer Dereference
A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c
CVE-2021-46244
6.5 - Medium
- January 21, 2022
A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).
Divide By Zero
HDF5 v1.13.1-1 was discovered to contain a heap-use-after free
CVE-2021-46242
8.8 - High
- January 21, 2022
HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.
Dangling pointer
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c
CVE-2021-45832
5.5 - Medium
- January 05, 2022
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).
Stack Exhaustion
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1
CVE-2021-45833
5.5 - Medium
- January 05, 2022
A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).
Memory Corruption
A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1
CVE-2021-45830
5.5 - Medium
- January 05, 2022
A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.
Memory Corruption
HDF5 1.13.1-1 is affected by: segmentation fault
CVE-2021-45829
5.5 - Medium
- January 03, 2022
HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service.
Improper Resource Shutdown or Release
An issue was discovered in HDF5 through 1.12.0
CVE-2020-10812
5.5 - Medium
- March 22, 2020
An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in HDF5 through 1.12.0
CVE-2020-10811
5.5 - Medium
- March 22, 2020
An issue was discovered in HDF5 through 1.12.0. A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c. It allows an attacker to cause Denial of Service.
Out-of-bounds Read
An issue was discovered in HDF5 through 1.12.0
CVE-2020-10810
5.5 - Medium
- March 22, 2020
An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c. It allows an attacker to cause Denial of Service.
NULL Pointer Dereference
An issue was discovered in HDF5 through 1.12.0
CVE-2020-10809
5.5 - Medium
- March 22, 2020
An issue was discovered in HDF5 through 1.12.0. A heap-based buffer overflow exists in the function Decompress() located in decompress.c. It can be triggered by sending a crafted file to the gif2h5 binary. It allows an attacker to cause Denial of Service.
Memory Corruption
An issue was discovered in the HDF HDF5 1.10.4 library
CVE-2019-9152
8.8 - High
- February 25, 2019
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.10.4 library
CVE-2019-9151
8.8 - High
- February 25, 2019
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5VM_memcpyvv in H5VM.c when called from H5D__compact_readvv in H5Dcompact.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.10.4 library
CVE-2019-8397
6.5 - Medium
- February 17, 2019
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_close_real in H5T.c.
Out-of-bounds Read
A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library
CVE-2019-8396
6.5 - Medium
- February 17, 2019
A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2."
Buffer Overflow
An issue was discovered in the HDF HDF5 1.10.4 library
CVE-2019-8398
6.5 - Medium
- February 17, 2019
An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_get_size in H5T.c.
Out-of-bounds Read
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file
CVE-2018-17438
6.5 - Medium
- September 24, 2018
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
Divide By Zero
An issue was discovered in the HDF HDF5 1.10.3 library
CVE-2018-17439
6.5 - Medium
- September 24, 2018
An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.
Memory Corruption
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library
CVE-2018-17437
6.5 - Medium
- September 24, 2018
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
Missing Release of Resource after Effective Lifetime
ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library
CVE-2018-17436
6.5 - Medium
- September 24, 2018
ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
Memory Corruption
A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library
CVE-2018-17435
6.5 - Medium
- September 24, 2018
A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.
Out-of-bounds Read
A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file
CVE-2018-17434
6.5 - Medium
- September 24, 2018
A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
Divide By Zero
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library
CVE-2018-17433
6.5 - Medium
- September 24, 2018
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
Memory Corruption
A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library
CVE-2018-17432
6.5 - Medium
- September 24, 2018
A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
NULL Pointer Dereference
A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file
CVE-2018-17237
6.5 - Medium
- September 20, 2018
A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.
Divide By Zero
A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file
CVE-2018-17233
6.5 - Medium
- September 20, 2018
A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
Divide By Zero
Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library
CVE-2018-17234
6.5 - Medium
- September 20, 2018
Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
Missing Release of Resource after Effective Lifetime
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-16438
8.8 - High
- September 04, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.10.2 library
CVE-2018-15671
6.5 - Medium
- August 21, 2018
An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5P__get_cb() in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service.
Resource Exhaustion
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-14460
8.8 - High
- July 20, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-14035
8.8 - High
- July 13, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-14034
8.8 - High
- July 13, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-14033
8.8 - High
- July 13, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-14031
8.8 - High
- July 13, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-13876
9.8 - Critical
- July 10, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDread.
Memory Corruption
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-13866
9.8 - Critical
- July 10, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5F_addr_decode_len in H5Fint.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-13867
9.8 - Critical
- July 10, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-13868
9.8 - Critical
- July 10, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_old_decode in H5Ofill.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-13869
9.8 - Critical
- July 10, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.
Buffer Overflow
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-13870
9.8 - Critical
- July 10, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-13871
9.8 - Critical
- July 10, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5FL_blk_malloc in H5FL.c.
Memory Corruption
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-13872
9.8 - Critical
- July 10, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5G_ent_decode in H5Gent.c.
Memory Corruption
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-13873
9.8 - Critical
- July 10, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c.
Out-of-bounds Read
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-13874
9.8 - Critical
- July 10, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDmemset.
Memory Corruption
An issue was discovered in the HDF HDF5 1.8.20 library
CVE-2018-13875
7.8 - High
- July 10, 2018
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out-of-bounds read in the function H5VM_memcpyvv in H5VM.c.
Out-of-bounds Read
A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library
CVE-2018-11207
6.5 - Medium
- May 16, 2018
A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
Divide By Zero
An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library
CVE-2018-11206
8.1 - High
- May 16, 2018
An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
Out-of-bounds Read
A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library
CVE-2018-11205
8.1 - High
- May 16, 2018
A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
Out-of-bounds Read
A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library
CVE-2018-11204
6.5 - Medium
- May 16, 2018
A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
NULL Pointer Dereference
A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library
CVE-2018-11203
6.5 - Medium
- May 16, 2018
A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
Divide By Zero
A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library
CVE-2018-11202
6.5 - Medium
- May 16, 2018
A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
NULL Pointer Dereference
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Hdfgroup Hdf5 or by Hdfgroup? Click the Watch button to subscribe.