Vulnerability Details CVE-2021-37501
Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.7%
CVSS Severity
CVSS v3 Score 7.5
References
- https://github.com/HDFGroup/hdf5
- https://github.com/HDFGroup/hdf5/issues/2458
- https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md
- https://github.com/HDFGroup/hdf5
- https://github.com/HDFGroup/hdf5/issues/2458
- https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md
Products affected by CVE-2021-37501
-
cpe:2.3:a:hdfgroup:hdf5:1.12.0
-
cpe:2.3:a:hdfgroup:hdf5:1.12.1
-
cpe:2.3:a:hdfgroup:hdf5:1.12.2
-
cpe:2.3:a:hdfgroup:hdf5:1.12.2-3
-
cpe:2.3:a:hdfgroup:hdf5:1.13.0