CVE-2021-45830

Опубликовано: 05 янв. 2022

Источник: redhat

CVSS3: 5.5

Описание

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

Отчет

In Red Hat OpenStack Platform 16 the hdf5 package is not actually utilized. Red Hat OpenStack Platform 13 will be retiring soon. For these reasons and because the flaw's impact is lower, no update will be provided at this time for the hdf5 package.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat OpenStack Platform 13 (Queens)	hdf5	Out of support scope
Red Hat OpenStack Platform 16.1	hdf5	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=2049121hdf5: heap buffer overflow vulnerability in H5F_addr_decode_len in /hdf5/src/H5Fint.c

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2021-45830

CVSS3: 5.5

ubuntu

около 4 лет назад

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

CVE-2021-45830

CVSS3: 5.5

nvd

около 4 лет назад

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

CVE-2021-45830

CVSS3: 5.5

debian

около 4 лет назад

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via ...

GHSA-5h2h-fjjr-x9m2

github

около 4 лет назад

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

BDU:2024-07117

CVSS3: 5.5

fstec

около 4 лет назад

Уязвимость функции H5F_addr_decode_len() в файле H5Fint.c. библиотеки HDF5, позволяющая нарушителю вызвать отказ в обслуживании

5.5 Medium

CVSS3