Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-17435

Опубликовано: 24 сент. 2018
Источник: redhat
CVSS3: 4.3
EPSS Низкий

Описание

A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenStack Platform 10 (Newton)hdf5Fix deferred
Red Hat OpenStack Platform 12 (Pike)hdf5Affected
Red Hat OpenStack Platform 13 (Queens)hdf5Fix deferred
Red Hat OpenStack Platform 14 (Rocky)hdf5Fix deferred
Red Hat OpenStack Platform 8 (Liberty)hdf5Fix deferred
Red Hat OpenStack Platform 9 (Mitaka)hdf5Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1634125hdf5: buffer over-read in H5O_attr_decode() in H5Oattr.c

EPSS

Процентиль: 74%
0.00809
Низкий

4.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-17435

CVSS3: 6.5
ubuntu
больше 7 лет назад

A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.

nvd логотип

CVE-2018-17435

CVSS3: 6.5
nvd
больше 7 лет назад

A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.

debian логотип

CVE-2018-17435

CVSS3: 6.5
debian
больше 7 лет назад

A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the ...

github логотип

GHSA-9fm6-2823-q5f3

CVSS3: 6.5
github
больше 3 лет назад

A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.

fstec логотип

BDU:2018-01529

CVSS3: 6.5
fstec
больше 7 лет назад

Уязвимость функции H5O_attr_decode() библиотеки HDF5, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 74%
0.00809
Низкий

4.3 Medium

CVSS3