Shodan
Vulnerabilities
Vulnerable Software
Hdfgroup:  >> Hdf5  >> 1.10.1  Security Vulnerabilities
CVE-2018-17432
A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.
CVSS Score
6.5
EPSS Score
0.007
Published
2018-09-24
CVE-2018-17433
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-09-24
CVE-2018-17434
A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVSS Score
6.5
EPSS Score
0.003
Published
2018-09-24
CVE-2018-17435
A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-09-24
CVE-2018-17436
ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-09-24
CVE-2018-17233
A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-09-20
CVE-2018-17234
Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-09-20
CVE-2018-17237
A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-09-20
CVE-2017-17505
In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-12-11
CVE-2017-17506
In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
CVSS Score
6.5
EPSS Score
0.005
Published
2017-12-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved