CVE-2021-45830

Опубликовано: 05 янв. 2022

Источник: debian

EPSS Низкий

Описание

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
hdf5	fixed	1.14.5+repack-1		package

Примечания

https://github.com/HDFGroup/hdf5/issues/1314
https://github.com/advisories/GHSA-5h2h-fjjr-x9m2
https://github.com/HDFGroup/hdf5/issues/2228
https://github.com/HDFGroup/hdf5/pull/2229
https://github.com/HDFGroup/hdf5/commit/659bc99fd139e16fdf47b31b635f158b72e3f5a4
Negligible security impact, malicous scientific data has more issues than a crash...

EPSS

Процентиль: 26%

0.00086

Низкий

Связанные уязвимости

CVE-2021-45830

CVSS3: 5.5

ubuntu

больше 3 лет назад

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

CVE-2021-45830

CVSS3: 5.5

redhat

больше 3 лет назад

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

CVE-2021-45830

CVSS3: 5.5

nvd

больше 3 лет назад

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

GHSA-5h2h-fjjr-x9m2

github

больше 3 лет назад

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

BDU:2024-07117

CVSS3: 5.5

fstec

больше 3 лет назад

Уязвимость функции H5F_addr_decode_len() в файле H5Fint.c. библиотеки HDF5, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 26%

0.00086

Низкий