Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HDF5 Affected by H5T__conv_struct_opt Heap Buffer Overflow
Vulnerability Description
HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on the practical exploitability of the heap overflow against modern operating systems. Real-world exploitability of this issue in terms of remote-code execution is currently unknown. Version 1.14.4-2 fixes the issue.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
HDF5 安全漏洞
Vulnerability Description
HDF5是HDF开源的一个库。 HDF5 1.14.4-2之前版本存在安全漏洞,该漏洞源于处理特制h5文件时可能触发基于写入的堆缓冲区溢出,可能导致拒绝服务或远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A