Search CVE reports


1 – 10 of 17 results


CVE-2021-46244

Low priority
Needs evaluation

A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 via the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an arithmetic exception, leading to a Denial of Service (DoS).

8 affected packages

hdf5, insighttoolkit4, kissplice, paraview, r-bloc-rhdf5...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hdf5 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kissplice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
paraview Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
r-bloc-rhdf5 Ignored
vtk Needs evaluation
vtk6 Needs evaluation Needs evaluation Needs evaluation
xdmf Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2021-46243

Medium priority
Needs evaluation

An untrusted pointer dereference vulnerability exists in HDF5 v1.13.1-1 via the function H5O__dtype_decode_helper () at hdf5/src/H5Odtype.c. This vulnerability can lead to a Denial of Service (DoS).

6 affected packages

hdf5, insighttoolkit4, kissplice, paraview, vtk, xdmf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hdf5 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kissplice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
paraview Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vtk Needs evaluation
xdmf Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2021-46242

Medium priority
Needs evaluation

HDF5 v1.13.1-1 was discovered to contain a heap-use-after-free via the component H5AC_unpin_entry.

6 affected packages

hdf5, insighttoolkit4, kissplice, paraview, vtk, xdmf

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hdf5 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
kissplice Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
paraview Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vtk Needs evaluation
xdmf Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2021-46143

Medium priority

Some fixes available 26 of 287

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

50 affected packages

apache2, apr-util, astropy, audacity, ayttm...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
astropy Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
audacity Not affected Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release Not in release Needs evaluation
cableswig Not in release Not in release Not in release Not in release Needs evaluation
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
cmake Not affected Not affected Not affected Not affected Not affected
coda Needs evaluation Needs evaluation Needs evaluation Ignored
coin3 Not affected Not affected Not affected Needs evaluation Needs evaluation
emboss Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
expat Fixed Fixed Fixed Fixed Fixed
firefox Fixed Fixed Fixed Fixed Ignored
gdcm Not affected Not affected Not affected Not affected Not affected
ghostscript Not affected Not affected Not affected Not affected Not affected
harp Needs evaluation Needs evaluation Needs evaluation Ignored
ibm-3270 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit Not in release Not in release Not in release Not in release Needs evaluation
insighttoolkit4 Not in release Not affected Not affected Not affected Needs evaluation
insighttoolkit5 Needs evaluation Needs evaluation Ignored
libsynthesis Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libxmltok Fixed Fixed Fixed Fixed Fixed
mame Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
matanza Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
opencollada Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
paraview Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
poco Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
python2.7 Not in release Not affected Not affected Not affected Not affected
python3.10 Not in release Not affected Not in release Not in release Not in release
python3.4 Not in release Not in release Not in release Not in release Not in release
python3.5 Not in release Not in release Not in release Not in release Not affected
python3.6 Not in release Not in release Not in release Not affected Not in release
python3.7 Not in release Not in release Not in release Not affected Not in release
python3.8 Not in release Not in release Not affected Not affected Not in release
python3.9 Not in release Not in release Not affected Not in release Not in release
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
sitecopy Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
smart Not in release Not in release Not in release Not affected Not affected
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texlive-bin Not affected Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected Ignored Ignored
tla Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
visp Needs evaluation Needs evaluation Needs evaluation Needs evaluation
vnc4 Not in release Not in release Not in release Needs evaluation Needs evaluation
vtk Not in release Not in release Not in release Not in release Needs evaluation
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmlrpc Ignored
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xsd Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2021-45833

Medium priority
Needs evaluation

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).

3 affected packages

hdf5, insighttoolkit5, paraview

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hdf5 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit5 Needs evaluation Needs evaluation Ignored
paraview Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2021-45832

Medium priority
Needs evaluation

A Stack-based Buffer Overflow Vulnerability exists in HDF5 1.13.1-1 at hdf5/src/H5Eint.c, which causes a Denial of Service (context-dependent).

3 affected packages

hdf5, insighttoolkit5, paraview

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hdf5 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit5 Needs evaluation Needs evaluation Ignored
paraview Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2021-45830

Medium priority
Needs evaluation

A heap-based buffer overflow vulnerability exists in HDF5 1.13.1-1 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.

3 affected packages

hdf5, insighttoolkit5, paraview

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hdf5 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit5 Needs evaluation Needs evaluation Ignored
paraview Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2021-45829

Medium priority
Needs evaluation

HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denial of Service.

3 affected packages

hdf5, insighttoolkit5, paraview

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
hdf5 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
insighttoolkit5 Needs evaluation Needs evaluation Ignored
paraview Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2020-15999

High priority

Some fixes available 15 of 16

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

18 affected packages

android, chromium-browser, firefox, freetype, godot...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android Not in release Not in release Not in release Not in release Needs evaluation
chromium-browser Not affected Not affected Not affected Fixed Fixed
firefox Not affected Not affected Not affected Not affected Not affected
freetype Fixed Fixed Fixed Fixed Fixed
godot Not affected Not affected Not affected Not in release Not in release
graphicsmagick Not affected Not affected Not affected Not affected Not affected
musescore Not in release Not in release Not affected Not affected Not affected
openjdk-12 Not in release Not in release Not in release Not in release Not in release
openjdk-13 Not in release Not in release Not affected Not in release Not in release
openjdk-15 Not in release Not in release Not in release Not in release Not in release
openjdk-lts Not affected Not affected Not affected Not affected Not in release
oxide-qt Not in release Not in release Not in release Not in release Not affected
paraview Not affected Not affected Not affected Not affected Not affected
qtbase-opensource-src Not affected Not affected Not affected Not affected Not affected
qtbase-opensource-src-gles Not affected Not affected Not affected Not in release Not affected
texlive-bin Not affected Not affected Not affected Not affected Not affected
texmaker Not affected Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected Not affected Not affected

CVE-2019-17546

Medium priority

Some fixes available 5 of 56

tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param"...

17 affected packages

blender, chromium-browser, gdal, insighttoolkit4, ivtools...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
blender Not affected Not affected Not affected Not affected Not affected
chromium-browser Not affected Not affected Not affected Not affected Not affected
gdal Not affected Not affected Not affected Not affected Vulnerable
insighttoolkit4 Not in release Not affected Not affected Not affected Not affected
ivtools Not affected Not affected Not affected Not affected Not affected
libtk-img Not affected Not affected Not affected Not affected Not affected
neuron Not affected Needs evaluation Needs evaluation Needs evaluation Not in release
openjpeg2 Not affected Not affected Not affected Not affected Not affected
paraview Not affected Not affected Not affected Not affected Not affected
povray Not affected Not affected Not affected Not affected Not affected
qt4-x11 Not in release Not in release Not in release Not affected Not affected
qtimageformats-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
sfftobmp Not affected Not affected Not affected Not affected Not affected
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not affected
tiff Not affected Not affected Not affected Fixed Fixed
xloadimage Not affected Not affected Not affected Not affected Not affected