CVE-2019-9152

Опубликовано: 25 фев. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c.

Ссылки

https://github.com/magicSwordsMan/PAAFS/tree/master/vul8
Exploit
Third Party Advisory
https://github.com/magicSwordsMan/PAAFS/tree/master/vul8
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hdfgroup:hdf5:1.10.4:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00396

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2019-9152

CVSS3: 8.8

ubuntu

почти 7 лет назад

An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c.

CVE-2019-9152

CVSS3: 5.3

redhat

почти 7 лет назад

An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c.

CVE-2019-9152

CVSS3: 8.8

debian

почти 7 лет назад

An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...

GHSA-4m46-2257-r2fq

CVSS3: 8.8

github

больше 3 лет назад

An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5MM_xstrdup in H5MM.c when called from H5O_dtype_decode_helper in H5Odtype.c.

EPSS

Процентиль: 60%

0.00396

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-125