Search CVE reports

1 – 10 of 18 results

Detailed view

Sort by:

CVE-2025-2153

Medium priority

Needs evaluation

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is...

5 affected packages

hdf5, insighttoolkit, insighttoolkit4, insighttoolkit5, paraview

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
hdf5	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit	Not in release	Not in release	Not in release	—
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit5	Needs evaluation	Needs evaluation	Not in release	—
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-46244

Low priority

Needs evaluation

A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).

8 affected packages

hdf5, insighttoolkit4, kissplice, paraview, r-bloc-rhdf5...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
hdf5	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation
kissplice	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
r-bloc-rhdf5	—	—	—	—
vtk	—	—	—	—
vtk6	—	—	Needs evaluation	Needs evaluation
xdmf	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-46243

Medium priority

Needs evaluation

An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5O__dtype_decode_helper () at hdf5/src/H5Odtype.c. This vulnerability can lead to a Denial of Service (DoS).

6 affected packages

hdf5, insighttoolkit4, kissplice, paraview, vtk, xdmf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
hdf5	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation
kissplice	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
vtk	—	—	—	—
xdmf	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-46242

Medium priority

Needs evaluation

HDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.

6 affected packages

hdf5, insighttoolkit4, kissplice, paraview, vtk, xdmf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
hdf5	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation
kissplice	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
vtk	—	—	—	—
xdmf	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-46143

Medium priority

Some fixes available 28 of 310

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

50 affected packages

apache2, apr-util, astropy, audacity, ayttm...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
apache2	Not affected	Not affected	Not affected	Not affected
apr-util	Not affected	Not affected	Not affected	Not affected
astropy	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
audacity	Not affected	Not affected	Not affected	Not affected
ayttm	Not in release	Not in release	Not in release	Not in release
cableswig	Not in release	Not in release	Not in release	Not in release
cadaver	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
cmake	Not affected	Not affected	Not affected	Not affected
coda	Needs evaluation	Needs evaluation	Needs evaluation	—
coin3	Not affected	Not affected	Not affected	Needs evaluation
emboss	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
expat	Fixed	Fixed	Fixed	Fixed
firefox	Fixed	Fixed	Fixed	Fixed
gdcm	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Not affected
harp	Needs evaluation	Needs evaluation	Needs evaluation	—
ibm-3270	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit	Not in release	Not in release	Not in release	Not in release
insighttoolkit4	Not in release	Not affected	Not affected	Not affected
insighttoolkit5	Needs evaluation	Needs evaluation	—	—
libsynthesis	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libxmltok	Fixed	Fixed	Fixed	Fixed
mame	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
matanza	Ignored	Ignored	Ignored	Ignored
opencollada	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
poco	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
python2.7	Not in release	Not affected	Not affected	Not affected
python3.10	Not in release	Not affected	Not in release	Not in release
python3.4	Not in release	Not in release	Not in release	Not in release
python3.5	Not in release	Not in release	Not in release	Not in release
python3.6	Not in release	Not in release	Not in release	Not affected
python3.7	Not in release	Not in release	Not in release	Not affected
python3.8	Not in release	Not in release	Not affected	Not affected
python3.9	Not in release	Not in release	Not affected	Not in release
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
sitecopy	Not in release	Needs evaluation	Needs evaluation	Needs evaluation
smart	Not in release	Not in release	Not in release	Not affected
swish-e	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tdom	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
texlive-bin	Not affected	Not affected	Not affected	Not affected
thunderbird	Not affected	Not affected	Not affected	Ignored
tla	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
visp	Needs evaluation	Needs evaluation	—	Needs evaluation
vnc4	Not in release	Not in release	Not in release	Needs evaluation
vtk	Not in release	Not in release	Not in release	Not in release
wbxml2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xmlrpc	—	—	—	—
xmlrpc-c	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xsd	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-45833

Medium priority

Needs evaluation

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).

3 affected packages

hdf5, insighttoolkit5, paraview

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
hdf5	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit5	Needs evaluation	Needs evaluation	—	—
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-45832

Medium priority

Needs evaluation

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).

3 affected packages

hdf5, insighttoolkit5, paraview

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
hdf5	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit5	Needs evaluation	Needs evaluation	—	—
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-45830

Medium priority

Needs evaluation

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

3 affected packages

hdf5, insighttoolkit5, paraview

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
hdf5	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit5	Needs evaluation	Needs evaluation	—	—
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2021-45829

Medium priority

Needs evaluation

HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service.

3 affected packages

hdf5, insighttoolkit5, paraview

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
hdf5	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
insighttoolkit5	Needs evaluation	Needs evaluation	—	—
paraview	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2020-15999

High priority

Some fixes available 16 of 18

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

18 affected packages

android, chromium-browser, firefox, freetype, godot...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
android	Not in release	Not in release	Not in release	Not in release
chromium-browser	Not affected	Not affected	Not affected	Fixed
firefox	Not affected	Not affected	Not affected	Not affected
freetype	Fixed	Fixed	Fixed	Fixed
godot	Not affected	Not affected	Not affected	Not in release
graphicsmagick	Not affected	Not affected	Not affected	Not affected
musescore	Not in release	Not in release	Not affected	Not affected
openjdk-12	Not in release	Not in release	Not in release	Not in release
openjdk-13	Not in release	Not in release	Not affected	Not in release
openjdk-15	Not in release	Not in release	Not in release	Not in release
openjdk-lts	Not affected	Not affected	Not affected	Not affected
oxide-qt	Not in release	Not in release	Not in release	Not in release
paraview	Not affected	Not affected	Not affected	Not affected
qtbase-opensource-src	Not affected	Not affected	Not affected	Not affected
qtbase-opensource-src-gles	Not affected	Not affected	Not affected	Not in release
texlive-bin	Not affected	Not affected	Not affected	Not affected
texmaker	Not affected	Not affected	Not affected	Not affected
thunderbird	Not affected	Not affected	Not affected	Not affected

Export to JSON

Results by page: