CVE-2018-14033

Name
CVE-2018-14033
Description
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Third Party Advisory https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README2.md

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:hdfgroup:hdf5:1.8.20:*:*:*:*:*:*:* hdf5 == None == 1.8.20

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
hdf5 3.14-community 1.12.1-r0 Holger Jaekel <holger.jaekel@gmx.de> fixed
hdf5 edge-community 1.12.1-r0 Holger Jaekel <holger.jaekel@gmx.de> fixed