cve
base
Products
Trending
About
Docs
Pricing
CVE-2024-32619
— Heap-based Buffer Overflow in Hdf5
Save
CWE-122
— Heap-based Buffer Overflow
6 documents
6 sources
Severity
7.4
HIGH
NVD
CVSS:3.1
EPSS
0.1%
top 75.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Hdfgroup Hdf5
Debian Hdf5
Msrc Azl3 Hdf5 1.14.3-1 ON Azure Linux 3.0
+7 more
Timeline
Published
May 14
Description
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer.
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.4 | Impact: 5.9
Attack Vector:
Local
Complexity:
High
Privileges:
None
User Interaction:
None
Scope:
Unchanged
Confidentiality:
High
Integrity:
High
Availability:
High
▶
EPSS history
Affected Packages
11 packages
▶
debian
debian/hdf5
<
hdf5 1.14.5+repack-1 (forky)
▶
NVD
hdfgroup/hdf5
<
1.14.4
▶
Debian
hdfgroup/hdf5
<
1.14.5+repack-1
+1
▶
msrc
msrc/azl3_hdf5_1.14.3-1_on_azure_linux_3.0
▶
msrc
msrc/cbl2_hdf5_1.14.4-1_on_cbl_mariner_2.0
Show 6 more packages
🔴
Vulnerability Details
2
OSV
CVE-2024-32619: HDF5 Library through 1
↗
2024-05-14
▶
GHSA
GHSA-22hh-9pxh-mm6v: HDF5 Library through 1
↗
2024-05-14
▶
📋
Vendor Advisories
3
Microsoft
HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c resulting in the corruption of the instruction pointer.
↗
2024-05-14
▶
Red Hat
hdf5: multiple CVEs
↗
2024-05-10
▶
Debian
CVE-2024-32619: hdf5 - HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_re...
↗
2024
▶
Search