Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/hdf5@1.6.6-4
Typedeb
Namespacedebian
Namehdf5
Version1.6.6-4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.14.5+repack-3
Latest_non_vulnerable_version1.14.5+repack-3
Affected_by_vulnerabilities
0
url VCID-2xcu-cxdq-b3hb
vulnerability_id VCID-2xcu-cxdq-b3hb
summary Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17234.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17234.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17234
reference_id
reference_type
scores
0
value 0.00132
scoring_system epss
scoring_elements 0.32349
published_at 2026-06-04T12:55:00Z
1
value 0.00132
scoring_system epss
scoring_elements 0.32419
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17234
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17234
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17234
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1633856
reference_id 1633856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1633856
5
reference_url https://usn.ubuntu.com/USN-5272-1/
reference_id USN-USN-5272-1
reference_type
scores
url https://usn.ubuntu.com/USN-5272-1/
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
purl pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qt2-92gt-f3fk
1
vulnerability VCID-2r6p-322p-37dm
2
vulnerability VCID-4kz9-zrss-83bx
3
vulnerability VCID-5v4u-uu83-sqc8
4
vulnerability VCID-7xfq-w24m-yugw
5
vulnerability VCID-89j8-dfkx-2bhs
6
vulnerability VCID-8aac-7mgq-h7a4
7
vulnerability VCID-8df1-wt32-pqa6
8
vulnerability VCID-8dhg-t7wf-v3ah
9
vulnerability VCID-8jym-e7p3-7qgg
10
vulnerability VCID-adzd-m4tm-v3f8
11
vulnerability VCID-ajuw-pqtu-mygw
12
vulnerability VCID-bhy6-usxm-h7a4
13
vulnerability VCID-c2d5-k2pu-m3ba
14
vulnerability VCID-c54w-b13w-uke7
15
vulnerability VCID-caba-jf2d-yubt
16
vulnerability VCID-d9fr-59ax-vya4
17
vulnerability VCID-dmz7-rekk-1bax
18
vulnerability VCID-e4aq-y2zm-tybp
19
vulnerability VCID-euh2-g5tb-kyc7
20
vulnerability VCID-evc7-d6mz-dqh7
21
vulnerability VCID-g4wu-fszp-sbcp
22
vulnerability VCID-h2q3-ub28-9ygd
23
vulnerability VCID-hguc-e36x-kkfj
24
vulnerability VCID-j2ck-xmvp-h7f7
25
vulnerability VCID-jeu6-8nb9-d3ep
26
vulnerability VCID-jgjd-n5m8-cbbk
27
vulnerability VCID-kpny-jvxd-h7df
28
vulnerability VCID-kx1u-3t7h-tyhb
29
vulnerability VCID-mgev-h4d6-g3c9
30
vulnerability VCID-mkrz-w4u4-tuaj
31
vulnerability VCID-n1ag-bkf2-uyd8
32
vulnerability VCID-n3sz-bxsj-dfbw
33
vulnerability VCID-p3f9-9fu6-cbff
34
vulnerability VCID-p78p-43n3-yqgg
35
vulnerability VCID-pmtb-wxmw-2yh2
36
vulnerability VCID-ppqc-1vsd-1qg6
37
vulnerability VCID-qr98-8n65-eue6
38
vulnerability VCID-qttu-atch-hkcq
39
vulnerability VCID-qzz2-61s2-bkca
40
vulnerability VCID-rr9y-73f6-ybab
41
vulnerability VCID-rwu5-z6rj-uye7
42
vulnerability VCID-s161-wyhp-e3hw
43
vulnerability VCID-tba6-aqxs-nqgm
44
vulnerability VCID-td2e-qeam-fucf
45
vulnerability VCID-ua6h-y2bc-jqdy
46
vulnerability VCID-uhhu-7sbk-gqaf
47
vulnerability VCID-untx-ks69-4yc3
48
vulnerability VCID-usd5-mpjq-fkgm
49
vulnerability VCID-vaam-cd2s-pkh3
50
vulnerability VCID-vf8n-vse9-4qh3
51
vulnerability VCID-vf9h-vkm4-afgk
52
vulnerability VCID-vn8s-gm5x-eqbd
53
vulnerability VCID-wez5-unzz-kudq
54
vulnerability VCID-wt1r-6349-v7at
55
vulnerability VCID-x85j-52ep-z7a4
56
vulnerability VCID-xnb3-ch5w-d3bt
57
vulnerability VCID-ze1t-z525-n3e2
58
vulnerability VCID-zeyd-2fwn-87bh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1
aliases CVE-2018-17234
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xcu-cxdq-b3hb
1
url VCID-59vv-6fa4-ckfh
vulnerability_id VCID-59vv-6fa4-ckfh
summary In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17509.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17509.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17509
reference_id
reference_type
scores
0
value 0.00376
scoring_system epss
scoring_elements 0.59499
published_at 2026-06-04T12:55:00Z
1
value 0.00376
scoring_system epss
scoring_elements 0.59549
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17509
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17509
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17509
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:P/I:P/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1524911
reference_id 1524911
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1524911
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365
reference_id 884365
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.4%2Brepack-10
purl pkg:deb/debian/hdf5@1.10.4%2Brepack-10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-ae73-ha67-tqgm
2
vulnerability VCID-bv3t-82cc-qfd8
3
vulnerability VCID-cy3q-7n3v-xbgr
4
vulnerability VCID-dypw-pp9q-bycr
5
vulnerability VCID-e4qy-jb8b-dkgg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-10
aliases CVE-2017-17509
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-59vv-6fa4-ckfh
2
url VCID-88vu-rux2-xfa8
vulnerability_id VCID-88vu-rux2-xfa8
summary The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the array when initializing it.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4333.json
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4333.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4333
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.48473
published_at 2026-06-04T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.48536
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4333
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1397708
reference_id 1397708
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1397708
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301
reference_id 845301
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301
9
reference_url https://security.gentoo.org/glsa/201701-13
reference_id GLSA-201701-13
reference_type
scores
url https://security.gentoo.org/glsa/201701-13
fixed_packages
0
url pkg:deb/debian/hdf5@1.8.13%2Bdocs-15%2Bdeb8u1
purl pkg:deb/debian/hdf5@1.8.13%2Bdocs-15%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-59vv-6fa4-ckfh
2
vulnerability VCID-88vu-rux2-xfa8
3
vulnerability VCID-ae73-ha67-tqgm
4
vulnerability VCID-afg8-hmzq-xbf2
5
vulnerability VCID-amvr-fecp-rkdr
6
vulnerability VCID-bqwb-uc25-6ucm
7
vulnerability VCID-bv3t-82cc-qfd8
8
vulnerability VCID-c1z9-d33b-w3e6
9
vulnerability VCID-chka-ff1j-gqe3
10
vulnerability VCID-cy3q-7n3v-xbgr
11
vulnerability VCID-dypw-pp9q-bycr
12
vulnerability VCID-e3j2-wght-wbaq
13
vulnerability VCID-e4qy-jb8b-dkgg
14
vulnerability VCID-hnkh-k2sk-gqaq
15
vulnerability VCID-mkse-aj8h-2fd4
16
vulnerability VCID-uzzm-mpfp-s7gv
17
vulnerability VCID-ycz8-g88h-7fhs
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.8.13%252Bdocs-15%252Bdeb8u1
1
url pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-3%2Bdeb9u1
purl pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-3%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-59vv-6fa4-ckfh
2
vulnerability VCID-ae73-ha67-tqgm
3
vulnerability VCID-afg8-hmzq-xbf2
4
vulnerability VCID-bqwb-uc25-6ucm
5
vulnerability VCID-bv3t-82cc-qfd8
6
vulnerability VCID-chka-ff1j-gqe3
7
vulnerability VCID-cy3q-7n3v-xbgr
8
vulnerability VCID-dypw-pp9q-bycr
9
vulnerability VCID-e3j2-wght-wbaq
10
vulnerability VCID-e4qy-jb8b-dkgg
11
vulnerability VCID-hnkh-k2sk-gqaq
12
vulnerability VCID-mkse-aj8h-2fd4
13
vulnerability VCID-uzzm-mpfp-s7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.0-patch1%252Bdocs-3%252Bdeb9u1
aliases CVE-2016-4333
risk_score 3.9
exploitability 0.5
weighted_severity 7.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-88vu-rux2-xfa8
3
url VCID-ae73-ha67-tqgm
vulnerability_id VCID-ae73-ha67-tqgm
summary A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17237.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17237.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17237
reference_id
reference_type
scores
0
value 0.00138
scoring_system epss
scoring_elements 0.33416
published_at 2026-06-04T12:55:00Z
1
value 0.00138
scoring_system epss
scoring_elements 0.33517
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17237
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17237
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17237
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1633860
reference_id 1633860
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1633860
5
reference_url https://usn.ubuntu.com/USN-5272-1/
reference_id USN-USN-5272-1
reference_type
scores
url https://usn.ubuntu.com/USN-5272-1/
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
purl pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qt2-92gt-f3fk
1
vulnerability VCID-2r6p-322p-37dm
2
vulnerability VCID-4kz9-zrss-83bx
3
vulnerability VCID-5v4u-uu83-sqc8
4
vulnerability VCID-7xfq-w24m-yugw
5
vulnerability VCID-89j8-dfkx-2bhs
6
vulnerability VCID-8aac-7mgq-h7a4
7
vulnerability VCID-8df1-wt32-pqa6
8
vulnerability VCID-8dhg-t7wf-v3ah
9
vulnerability VCID-8jym-e7p3-7qgg
10
vulnerability VCID-adzd-m4tm-v3f8
11
vulnerability VCID-ajuw-pqtu-mygw
12
vulnerability VCID-bhy6-usxm-h7a4
13
vulnerability VCID-c2d5-k2pu-m3ba
14
vulnerability VCID-c54w-b13w-uke7
15
vulnerability VCID-caba-jf2d-yubt
16
vulnerability VCID-d9fr-59ax-vya4
17
vulnerability VCID-dmz7-rekk-1bax
18
vulnerability VCID-e4aq-y2zm-tybp
19
vulnerability VCID-euh2-g5tb-kyc7
20
vulnerability VCID-evc7-d6mz-dqh7
21
vulnerability VCID-g4wu-fszp-sbcp
22
vulnerability VCID-h2q3-ub28-9ygd
23
vulnerability VCID-hguc-e36x-kkfj
24
vulnerability VCID-j2ck-xmvp-h7f7
25
vulnerability VCID-jeu6-8nb9-d3ep
26
vulnerability VCID-jgjd-n5m8-cbbk
27
vulnerability VCID-kpny-jvxd-h7df
28
vulnerability VCID-kx1u-3t7h-tyhb
29
vulnerability VCID-mgev-h4d6-g3c9
30
vulnerability VCID-mkrz-w4u4-tuaj
31
vulnerability VCID-n1ag-bkf2-uyd8
32
vulnerability VCID-n3sz-bxsj-dfbw
33
vulnerability VCID-p3f9-9fu6-cbff
34
vulnerability VCID-p78p-43n3-yqgg
35
vulnerability VCID-pmtb-wxmw-2yh2
36
vulnerability VCID-ppqc-1vsd-1qg6
37
vulnerability VCID-qr98-8n65-eue6
38
vulnerability VCID-qttu-atch-hkcq
39
vulnerability VCID-qzz2-61s2-bkca
40
vulnerability VCID-rr9y-73f6-ybab
41
vulnerability VCID-rwu5-z6rj-uye7
42
vulnerability VCID-s161-wyhp-e3hw
43
vulnerability VCID-tba6-aqxs-nqgm
44
vulnerability VCID-td2e-qeam-fucf
45
vulnerability VCID-ua6h-y2bc-jqdy
46
vulnerability VCID-uhhu-7sbk-gqaf
47
vulnerability VCID-untx-ks69-4yc3
48
vulnerability VCID-usd5-mpjq-fkgm
49
vulnerability VCID-vaam-cd2s-pkh3
50
vulnerability VCID-vf8n-vse9-4qh3
51
vulnerability VCID-vf9h-vkm4-afgk
52
vulnerability VCID-vn8s-gm5x-eqbd
53
vulnerability VCID-wez5-unzz-kudq
54
vulnerability VCID-wt1r-6349-v7at
55
vulnerability VCID-x85j-52ep-z7a4
56
vulnerability VCID-xnb3-ch5w-d3bt
57
vulnerability VCID-ze1t-z525-n3e2
58
vulnerability VCID-zeyd-2fwn-87bh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1
aliases CVE-2018-17237
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ae73-ha67-tqgm
4
url VCID-afg8-hmzq-xbf2
vulnerability_id VCID-afg8-hmzq-xbf2
summary A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11203.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11203.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11203
reference_id
reference_type
scores
0
value 0.00605
scoring_system epss
scoring_elements 0.70014
published_at 2026-06-04T12:55:00Z
1
value 0.00605
scoring_system epss
scoring_elements 0.70055
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11203
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11203
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11203
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1579951
reference_id 1579951
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1579951
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.4%2Brepack-10
purl pkg:deb/debian/hdf5@1.10.4%2Brepack-10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-ae73-ha67-tqgm
2
vulnerability VCID-bv3t-82cc-qfd8
3
vulnerability VCID-cy3q-7n3v-xbgr
4
vulnerability VCID-dypw-pp9q-bycr
5
vulnerability VCID-e4qy-jb8b-dkgg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-10
aliases CVE-2018-11203
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-afg8-hmzq-xbf2
5
url VCID-amvr-fecp-rkdr
vulnerability_id VCID-amvr-fecp-rkdr
summary The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4332.json
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4332.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4332
reference_id
reference_type
scores
0
value 0.0011
scoring_system epss
scoring_elements 0.28896
published_at 2026-06-04T12:55:00Z
1
value 0.0011
scoring_system epss
scoring_elements 0.28967
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4332
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1397707
reference_id 1397707
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1397707
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301
reference_id 845301
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301
8
reference_url https://security.gentoo.org/glsa/201701-13
reference_id GLSA-201701-13
reference_type
scores
url https://security.gentoo.org/glsa/201701-13
fixed_packages
0
url pkg:deb/debian/hdf5@1.8.13%2Bdocs-15%2Bdeb8u1
purl pkg:deb/debian/hdf5@1.8.13%2Bdocs-15%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-59vv-6fa4-ckfh
2
vulnerability VCID-88vu-rux2-xfa8
3
vulnerability VCID-ae73-ha67-tqgm
4
vulnerability VCID-afg8-hmzq-xbf2
5
vulnerability VCID-amvr-fecp-rkdr
6
vulnerability VCID-bqwb-uc25-6ucm
7
vulnerability VCID-bv3t-82cc-qfd8
8
vulnerability VCID-c1z9-d33b-w3e6
9
vulnerability VCID-chka-ff1j-gqe3
10
vulnerability VCID-cy3q-7n3v-xbgr
11
vulnerability VCID-dypw-pp9q-bycr
12
vulnerability VCID-e3j2-wght-wbaq
13
vulnerability VCID-e4qy-jb8b-dkgg
14
vulnerability VCID-hnkh-k2sk-gqaq
15
vulnerability VCID-mkse-aj8h-2fd4
16
vulnerability VCID-uzzm-mpfp-s7gv
17
vulnerability VCID-ycz8-g88h-7fhs
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.8.13%252Bdocs-15%252Bdeb8u1
1
url pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-3%2Bdeb9u1
purl pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-3%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-59vv-6fa4-ckfh
2
vulnerability VCID-ae73-ha67-tqgm
3
vulnerability VCID-afg8-hmzq-xbf2
4
vulnerability VCID-bqwb-uc25-6ucm
5
vulnerability VCID-bv3t-82cc-qfd8
6
vulnerability VCID-chka-ff1j-gqe3
7
vulnerability VCID-cy3q-7n3v-xbgr
8
vulnerability VCID-dypw-pp9q-bycr
9
vulnerability VCID-e3j2-wght-wbaq
10
vulnerability VCID-e4qy-jb8b-dkgg
11
vulnerability VCID-hnkh-k2sk-gqaq
12
vulnerability VCID-mkse-aj8h-2fd4
13
vulnerability VCID-uzzm-mpfp-s7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.0-patch1%252Bdocs-3%252Bdeb9u1
aliases CVE-2016-4332
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-amvr-fecp-rkdr
6
url VCID-bqwb-uc25-6ucm
vulnerability_id VCID-bqwb-uc25-6ucm
summary In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17506.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17506.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17506
reference_id
reference_type
scores
0
value 0.00433
scoring_system epss
scoring_elements 0.6306
published_at 2026-06-04T12:55:00Z
1
value 0.00433
scoring_system epss
scoring_elements 0.63104
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17506
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17506
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17506
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:P/I:N/A:P
1
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1524907
reference_id 1524907
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1524907
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365
reference_id 884365
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365
6
reference_url https://usn.ubuntu.com/USN-4817-1/
reference_id USN-USN-4817-1
reference_type
scores
url https://usn.ubuntu.com/USN-4817-1/
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.4%2Brepack-10
purl pkg:deb/debian/hdf5@1.10.4%2Brepack-10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-ae73-ha67-tqgm
2
vulnerability VCID-bv3t-82cc-qfd8
3
vulnerability VCID-cy3q-7n3v-xbgr
4
vulnerability VCID-dypw-pp9q-bycr
5
vulnerability VCID-e4qy-jb8b-dkgg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-10
aliases CVE-2017-17506
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bqwb-uc25-6ucm
7
url VCID-bv3t-82cc-qfd8
vulnerability_id VCID-bv3t-82cc-qfd8
summary A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17434.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17434.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17434
reference_id
reference_type
scores
0
value 0.00287
scoring_system epss
scoring_elements 0.52418
published_at 2026-06-04T12:55:00Z
1
value 0.00287
scoring_system epss
scoring_elements 0.52478
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17434
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17434
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17434
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1634121
reference_id 1634121
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1634121
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
purl pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qt2-92gt-f3fk
1
vulnerability VCID-2r6p-322p-37dm
2
vulnerability VCID-4kz9-zrss-83bx
3
vulnerability VCID-5v4u-uu83-sqc8
4
vulnerability VCID-7xfq-w24m-yugw
5
vulnerability VCID-89j8-dfkx-2bhs
6
vulnerability VCID-8aac-7mgq-h7a4
7
vulnerability VCID-8df1-wt32-pqa6
8
vulnerability VCID-8dhg-t7wf-v3ah
9
vulnerability VCID-8jym-e7p3-7qgg
10
vulnerability VCID-adzd-m4tm-v3f8
11
vulnerability VCID-ajuw-pqtu-mygw
12
vulnerability VCID-bhy6-usxm-h7a4
13
vulnerability VCID-c2d5-k2pu-m3ba
14
vulnerability VCID-c54w-b13w-uke7
15
vulnerability VCID-caba-jf2d-yubt
16
vulnerability VCID-d9fr-59ax-vya4
17
vulnerability VCID-dmz7-rekk-1bax
18
vulnerability VCID-e4aq-y2zm-tybp
19
vulnerability VCID-euh2-g5tb-kyc7
20
vulnerability VCID-evc7-d6mz-dqh7
21
vulnerability VCID-g4wu-fszp-sbcp
22
vulnerability VCID-h2q3-ub28-9ygd
23
vulnerability VCID-hguc-e36x-kkfj
24
vulnerability VCID-j2ck-xmvp-h7f7
25
vulnerability VCID-jeu6-8nb9-d3ep
26
vulnerability VCID-jgjd-n5m8-cbbk
27
vulnerability VCID-kpny-jvxd-h7df
28
vulnerability VCID-kx1u-3t7h-tyhb
29
vulnerability VCID-mgev-h4d6-g3c9
30
vulnerability VCID-mkrz-w4u4-tuaj
31
vulnerability VCID-n1ag-bkf2-uyd8
32
vulnerability VCID-n3sz-bxsj-dfbw
33
vulnerability VCID-p3f9-9fu6-cbff
34
vulnerability VCID-p78p-43n3-yqgg
35
vulnerability VCID-pmtb-wxmw-2yh2
36
vulnerability VCID-ppqc-1vsd-1qg6
37
vulnerability VCID-qr98-8n65-eue6
38
vulnerability VCID-qttu-atch-hkcq
39
vulnerability VCID-qzz2-61s2-bkca
40
vulnerability VCID-rr9y-73f6-ybab
41
vulnerability VCID-rwu5-z6rj-uye7
42
vulnerability VCID-s161-wyhp-e3hw
43
vulnerability VCID-tba6-aqxs-nqgm
44
vulnerability VCID-td2e-qeam-fucf
45
vulnerability VCID-ua6h-y2bc-jqdy
46
vulnerability VCID-uhhu-7sbk-gqaf
47
vulnerability VCID-untx-ks69-4yc3
48
vulnerability VCID-usd5-mpjq-fkgm
49
vulnerability VCID-vaam-cd2s-pkh3
50
vulnerability VCID-vf8n-vse9-4qh3
51
vulnerability VCID-vf9h-vkm4-afgk
52
vulnerability VCID-vn8s-gm5x-eqbd
53
vulnerability VCID-wez5-unzz-kudq
54
vulnerability VCID-wt1r-6349-v7at
55
vulnerability VCID-x85j-52ep-z7a4
56
vulnerability VCID-xnb3-ch5w-d3bt
57
vulnerability VCID-ze1t-z525-n3e2
58
vulnerability VCID-zeyd-2fwn-87bh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1
aliases CVE-2018-17434
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bv3t-82cc-qfd8
8
url VCID-c1z9-d33b-w3e6
vulnerability_id VCID-c1z9-d33b-w3e6
summary When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4331.json
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4331.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4331
reference_id
reference_type
scores
0
value 0.0045
scoring_system epss
scoring_elements 0.63984
published_at 2026-06-04T12:55:00Z
1
value 0.0045
scoring_system epss
scoring_elements 0.64026
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4331
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1397704
reference_id 1397704
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1397704
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301
reference_id 845301
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301
8
reference_url https://security.gentoo.org/glsa/201701-13
reference_id GLSA-201701-13
reference_type
scores
url https://security.gentoo.org/glsa/201701-13
fixed_packages
0
url pkg:deb/debian/hdf5@1.8.13%2Bdocs-15%2Bdeb8u1
purl pkg:deb/debian/hdf5@1.8.13%2Bdocs-15%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-59vv-6fa4-ckfh
2
vulnerability VCID-88vu-rux2-xfa8
3
vulnerability VCID-ae73-ha67-tqgm
4
vulnerability VCID-afg8-hmzq-xbf2
5
vulnerability VCID-amvr-fecp-rkdr
6
vulnerability VCID-bqwb-uc25-6ucm
7
vulnerability VCID-bv3t-82cc-qfd8
8
vulnerability VCID-c1z9-d33b-w3e6
9
vulnerability VCID-chka-ff1j-gqe3
10
vulnerability VCID-cy3q-7n3v-xbgr
11
vulnerability VCID-dypw-pp9q-bycr
12
vulnerability VCID-e3j2-wght-wbaq
13
vulnerability VCID-e4qy-jb8b-dkgg
14
vulnerability VCID-hnkh-k2sk-gqaq
15
vulnerability VCID-mkse-aj8h-2fd4
16
vulnerability VCID-uzzm-mpfp-s7gv
17
vulnerability VCID-ycz8-g88h-7fhs
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.8.13%252Bdocs-15%252Bdeb8u1
1
url pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-3%2Bdeb9u1
purl pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-3%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-59vv-6fa4-ckfh
2
vulnerability VCID-ae73-ha67-tqgm
3
vulnerability VCID-afg8-hmzq-xbf2
4
vulnerability VCID-bqwb-uc25-6ucm
5
vulnerability VCID-bv3t-82cc-qfd8
6
vulnerability VCID-chka-ff1j-gqe3
7
vulnerability VCID-cy3q-7n3v-xbgr
8
vulnerability VCID-dypw-pp9q-bycr
9
vulnerability VCID-e3j2-wght-wbaq
10
vulnerability VCID-e4qy-jb8b-dkgg
11
vulnerability VCID-hnkh-k2sk-gqaq
12
vulnerability VCID-mkse-aj8h-2fd4
13
vulnerability VCID-uzzm-mpfp-s7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.0-patch1%252Bdocs-3%252Bdeb9u1
aliases CVE-2016-4331
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c1z9-d33b-w3e6
9
url VCID-chka-ff1j-gqe3
vulnerability_id VCID-chka-ff1j-gqe3
summary A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11204.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11204.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11204
reference_id
reference_type
scores
0
value 0.0036
scoring_system epss
scoring_elements 0.58454
published_at 2026-06-04T12:55:00Z
1
value 0.0036
scoring_system epss
scoring_elements 0.585
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11204
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11204
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11204
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1579955
reference_id 1579955
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1579955
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.4%2Brepack-10
purl pkg:deb/debian/hdf5@1.10.4%2Brepack-10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-ae73-ha67-tqgm
2
vulnerability VCID-bv3t-82cc-qfd8
3
vulnerability VCID-cy3q-7n3v-xbgr
4
vulnerability VCID-dypw-pp9q-bycr
5
vulnerability VCID-e4qy-jb8b-dkgg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-10
aliases CVE-2018-11204
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-chka-ff1j-gqe3
10
url VCID-cy3q-7n3v-xbgr
vulnerability_id VCID-cy3q-7n3v-xbgr
summary Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17437.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17437.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17437
reference_id
reference_type
scores
0
value 0.00139
scoring_system epss
scoring_elements 0.33676
published_at 2026-06-04T12:55:00Z
1
value 0.00139
scoring_system epss
scoring_elements 0.33777
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17437
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17437
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17437
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1634132
reference_id 1634132
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1634132
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
purl pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qt2-92gt-f3fk
1
vulnerability VCID-2r6p-322p-37dm
2
vulnerability VCID-4kz9-zrss-83bx
3
vulnerability VCID-5v4u-uu83-sqc8
4
vulnerability VCID-7xfq-w24m-yugw
5
vulnerability VCID-89j8-dfkx-2bhs
6
vulnerability VCID-8aac-7mgq-h7a4
7
vulnerability VCID-8df1-wt32-pqa6
8
vulnerability VCID-8dhg-t7wf-v3ah
9
vulnerability VCID-8jym-e7p3-7qgg
10
vulnerability VCID-adzd-m4tm-v3f8
11
vulnerability VCID-ajuw-pqtu-mygw
12
vulnerability VCID-bhy6-usxm-h7a4
13
vulnerability VCID-c2d5-k2pu-m3ba
14
vulnerability VCID-c54w-b13w-uke7
15
vulnerability VCID-caba-jf2d-yubt
16
vulnerability VCID-d9fr-59ax-vya4
17
vulnerability VCID-dmz7-rekk-1bax
18
vulnerability VCID-e4aq-y2zm-tybp
19
vulnerability VCID-euh2-g5tb-kyc7
20
vulnerability VCID-evc7-d6mz-dqh7
21
vulnerability VCID-g4wu-fszp-sbcp
22
vulnerability VCID-h2q3-ub28-9ygd
23
vulnerability VCID-hguc-e36x-kkfj
24
vulnerability VCID-j2ck-xmvp-h7f7
25
vulnerability VCID-jeu6-8nb9-d3ep
26
vulnerability VCID-jgjd-n5m8-cbbk
27
vulnerability VCID-kpny-jvxd-h7df
28
vulnerability VCID-kx1u-3t7h-tyhb
29
vulnerability VCID-mgev-h4d6-g3c9
30
vulnerability VCID-mkrz-w4u4-tuaj
31
vulnerability VCID-n1ag-bkf2-uyd8
32
vulnerability VCID-n3sz-bxsj-dfbw
33
vulnerability VCID-p3f9-9fu6-cbff
34
vulnerability VCID-p78p-43n3-yqgg
35
vulnerability VCID-pmtb-wxmw-2yh2
36
vulnerability VCID-ppqc-1vsd-1qg6
37
vulnerability VCID-qr98-8n65-eue6
38
vulnerability VCID-qttu-atch-hkcq
39
vulnerability VCID-qzz2-61s2-bkca
40
vulnerability VCID-rr9y-73f6-ybab
41
vulnerability VCID-rwu5-z6rj-uye7
42
vulnerability VCID-s161-wyhp-e3hw
43
vulnerability VCID-tba6-aqxs-nqgm
44
vulnerability VCID-td2e-qeam-fucf
45
vulnerability VCID-ua6h-y2bc-jqdy
46
vulnerability VCID-uhhu-7sbk-gqaf
47
vulnerability VCID-untx-ks69-4yc3
48
vulnerability VCID-usd5-mpjq-fkgm
49
vulnerability VCID-vaam-cd2s-pkh3
50
vulnerability VCID-vf8n-vse9-4qh3
51
vulnerability VCID-vf9h-vkm4-afgk
52
vulnerability VCID-vn8s-gm5x-eqbd
53
vulnerability VCID-wez5-unzz-kudq
54
vulnerability VCID-wt1r-6349-v7at
55
vulnerability VCID-x85j-52ep-z7a4
56
vulnerability VCID-xnb3-ch5w-d3bt
57
vulnerability VCID-ze1t-z525-n3e2
58
vulnerability VCID-zeyd-2fwn-87bh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1
aliases CVE-2018-17437
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cy3q-7n3v-xbgr
11
url VCID-dypw-pp9q-bycr
vulnerability_id VCID-dypw-pp9q-bycr
summary A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17233.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17233.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17233
reference_id
reference_type
scores
0
value 0.00273
scoring_system epss
scoring_elements 0.50915
published_at 2026-06-04T12:55:00Z
1
value 0.00273
scoring_system epss
scoring_elements 0.50977
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17233
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17233
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1633853
reference_id 1633853
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1633853
5
reference_url https://usn.ubuntu.com/USN-5272-1/
reference_id USN-USN-5272-1
reference_type
scores
url https://usn.ubuntu.com/USN-5272-1/
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
purl pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qt2-92gt-f3fk
1
vulnerability VCID-2r6p-322p-37dm
2
vulnerability VCID-4kz9-zrss-83bx
3
vulnerability VCID-5v4u-uu83-sqc8
4
vulnerability VCID-7xfq-w24m-yugw
5
vulnerability VCID-89j8-dfkx-2bhs
6
vulnerability VCID-8aac-7mgq-h7a4
7
vulnerability VCID-8df1-wt32-pqa6
8
vulnerability VCID-8dhg-t7wf-v3ah
9
vulnerability VCID-8jym-e7p3-7qgg
10
vulnerability VCID-adzd-m4tm-v3f8
11
vulnerability VCID-ajuw-pqtu-mygw
12
vulnerability VCID-bhy6-usxm-h7a4
13
vulnerability VCID-c2d5-k2pu-m3ba
14
vulnerability VCID-c54w-b13w-uke7
15
vulnerability VCID-caba-jf2d-yubt
16
vulnerability VCID-d9fr-59ax-vya4
17
vulnerability VCID-dmz7-rekk-1bax
18
vulnerability VCID-e4aq-y2zm-tybp
19
vulnerability VCID-euh2-g5tb-kyc7
20
vulnerability VCID-evc7-d6mz-dqh7
21
vulnerability VCID-g4wu-fszp-sbcp
22
vulnerability VCID-h2q3-ub28-9ygd
23
vulnerability VCID-hguc-e36x-kkfj
24
vulnerability VCID-j2ck-xmvp-h7f7
25
vulnerability VCID-jeu6-8nb9-d3ep
26
vulnerability VCID-jgjd-n5m8-cbbk
27
vulnerability VCID-kpny-jvxd-h7df
28
vulnerability VCID-kx1u-3t7h-tyhb
29
vulnerability VCID-mgev-h4d6-g3c9
30
vulnerability VCID-mkrz-w4u4-tuaj
31
vulnerability VCID-n1ag-bkf2-uyd8
32
vulnerability VCID-n3sz-bxsj-dfbw
33
vulnerability VCID-p3f9-9fu6-cbff
34
vulnerability VCID-p78p-43n3-yqgg
35
vulnerability VCID-pmtb-wxmw-2yh2
36
vulnerability VCID-ppqc-1vsd-1qg6
37
vulnerability VCID-qr98-8n65-eue6
38
vulnerability VCID-qttu-atch-hkcq
39
vulnerability VCID-qzz2-61s2-bkca
40
vulnerability VCID-rr9y-73f6-ybab
41
vulnerability VCID-rwu5-z6rj-uye7
42
vulnerability VCID-s161-wyhp-e3hw
43
vulnerability VCID-tba6-aqxs-nqgm
44
vulnerability VCID-td2e-qeam-fucf
45
vulnerability VCID-ua6h-y2bc-jqdy
46
vulnerability VCID-uhhu-7sbk-gqaf
47
vulnerability VCID-untx-ks69-4yc3
48
vulnerability VCID-usd5-mpjq-fkgm
49
vulnerability VCID-vaam-cd2s-pkh3
50
vulnerability VCID-vf8n-vse9-4qh3
51
vulnerability VCID-vf9h-vkm4-afgk
52
vulnerability VCID-vn8s-gm5x-eqbd
53
vulnerability VCID-wez5-unzz-kudq
54
vulnerability VCID-wt1r-6349-v7at
55
vulnerability VCID-x85j-52ep-z7a4
56
vulnerability VCID-xnb3-ch5w-d3bt
57
vulnerability VCID-ze1t-z525-n3e2
58
vulnerability VCID-zeyd-2fwn-87bh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1
aliases CVE-2018-17233
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dypw-pp9q-bycr
12
url VCID-e3j2-wght-wbaq
vulnerability_id VCID-e3j2-wght-wbaq
summary A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11207.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11207.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11207
reference_id
reference_type
scores
0
value 0.00867
scoring_system epss
scoring_elements 0.75513
published_at 2026-06-04T12:55:00Z
1
value 0.00867
scoring_system epss
scoring_elements 0.75541
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11207
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11207
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11207
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1579961
reference_id 1579961
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1579961
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.4%2Brepack-10
purl pkg:deb/debian/hdf5@1.10.4%2Brepack-10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-ae73-ha67-tqgm
2
vulnerability VCID-bv3t-82cc-qfd8
3
vulnerability VCID-cy3q-7n3v-xbgr
4
vulnerability VCID-dypw-pp9q-bycr
5
vulnerability VCID-e4qy-jb8b-dkgg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-10
aliases CVE-2018-11207
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3j2-wght-wbaq
13
url VCID-e4qy-jb8b-dkgg
vulnerability_id VCID-e4qy-jb8b-dkgg
summary A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17438.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17438.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17438
reference_id
reference_type
scores
0
value 0.00359
scoring_system epss
scoring_elements 0.58346
published_at 2026-06-04T12:55:00Z
1
value 0.00359
scoring_system epss
scoring_elements 0.58393
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17438
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17438
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17438
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1634139
reference_id 1634139
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1634139
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
purl pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1qt2-92gt-f3fk
1
vulnerability VCID-2r6p-322p-37dm
2
vulnerability VCID-4kz9-zrss-83bx
3
vulnerability VCID-5v4u-uu83-sqc8
4
vulnerability VCID-7xfq-w24m-yugw
5
vulnerability VCID-89j8-dfkx-2bhs
6
vulnerability VCID-8aac-7mgq-h7a4
7
vulnerability VCID-8df1-wt32-pqa6
8
vulnerability VCID-8dhg-t7wf-v3ah
9
vulnerability VCID-8jym-e7p3-7qgg
10
vulnerability VCID-adzd-m4tm-v3f8
11
vulnerability VCID-ajuw-pqtu-mygw
12
vulnerability VCID-bhy6-usxm-h7a4
13
vulnerability VCID-c2d5-k2pu-m3ba
14
vulnerability VCID-c54w-b13w-uke7
15
vulnerability VCID-caba-jf2d-yubt
16
vulnerability VCID-d9fr-59ax-vya4
17
vulnerability VCID-dmz7-rekk-1bax
18
vulnerability VCID-e4aq-y2zm-tybp
19
vulnerability VCID-euh2-g5tb-kyc7
20
vulnerability VCID-evc7-d6mz-dqh7
21
vulnerability VCID-g4wu-fszp-sbcp
22
vulnerability VCID-h2q3-ub28-9ygd
23
vulnerability VCID-hguc-e36x-kkfj
24
vulnerability VCID-j2ck-xmvp-h7f7
25
vulnerability VCID-jeu6-8nb9-d3ep
26
vulnerability VCID-jgjd-n5m8-cbbk
27
vulnerability VCID-kpny-jvxd-h7df
28
vulnerability VCID-kx1u-3t7h-tyhb
29
vulnerability VCID-mgev-h4d6-g3c9
30
vulnerability VCID-mkrz-w4u4-tuaj
31
vulnerability VCID-n1ag-bkf2-uyd8
32
vulnerability VCID-n3sz-bxsj-dfbw
33
vulnerability VCID-p3f9-9fu6-cbff
34
vulnerability VCID-p78p-43n3-yqgg
35
vulnerability VCID-pmtb-wxmw-2yh2
36
vulnerability VCID-ppqc-1vsd-1qg6
37
vulnerability VCID-qr98-8n65-eue6
38
vulnerability VCID-qttu-atch-hkcq
39
vulnerability VCID-qzz2-61s2-bkca
40
vulnerability VCID-rr9y-73f6-ybab
41
vulnerability VCID-rwu5-z6rj-uye7
42
vulnerability VCID-s161-wyhp-e3hw
43
vulnerability VCID-tba6-aqxs-nqgm
44
vulnerability VCID-td2e-qeam-fucf
45
vulnerability VCID-ua6h-y2bc-jqdy
46
vulnerability VCID-uhhu-7sbk-gqaf
47
vulnerability VCID-untx-ks69-4yc3
48
vulnerability VCID-usd5-mpjq-fkgm
49
vulnerability VCID-vaam-cd2s-pkh3
50
vulnerability VCID-vf8n-vse9-4qh3
51
vulnerability VCID-vf9h-vkm4-afgk
52
vulnerability VCID-vn8s-gm5x-eqbd
53
vulnerability VCID-wez5-unzz-kudq
54
vulnerability VCID-wt1r-6349-v7at
55
vulnerability VCID-x85j-52ep-z7a4
56
vulnerability VCID-xnb3-ch5w-d3bt
57
vulnerability VCID-ze1t-z525-n3e2
58
vulnerability VCID-zeyd-2fwn-87bh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1
aliases CVE-2018-17438
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e4qy-jb8b-dkgg
14
url VCID-hnkh-k2sk-gqaq
vulnerability_id VCID-hnkh-k2sk-gqaq
summary A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11202.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11202.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11202
reference_id
reference_type
scores
0
value 0.01323
scoring_system epss
scoring_elements 0.80231
published_at 2026-06-04T12:55:00Z
1
value 0.01323
scoring_system epss
scoring_elements 0.80255
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11202
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11202
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11202
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1579946
reference_id 1579946
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1579946
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.4%2Brepack-10
purl pkg:deb/debian/hdf5@1.10.4%2Brepack-10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-ae73-ha67-tqgm
2
vulnerability VCID-bv3t-82cc-qfd8
3
vulnerability VCID-cy3q-7n3v-xbgr
4
vulnerability VCID-dypw-pp9q-bycr
5
vulnerability VCID-e4qy-jb8b-dkgg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-10
aliases CVE-2018-11202
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hnkh-k2sk-gqaq
15
url VCID-mkse-aj8h-2fd4
vulnerability_id VCID-mkse-aj8h-2fd4
summary In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17505.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17505.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17505
reference_id
reference_type
scores
0
value 0.00434
scoring_system epss
scoring_elements 0.63175
published_at 2026-06-04T12:55:00Z
1
value 0.00434
scoring_system epss
scoring_elements 0.6322
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17505
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17505
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17505
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1.9
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1524906
reference_id 1524906
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1524906
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365
reference_id 884365
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365
6
reference_url https://usn.ubuntu.com/USN-4817-1/
reference_id USN-USN-4817-1
reference_type
scores
url https://usn.ubuntu.com/USN-4817-1/
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.4%2Brepack-10
purl pkg:deb/debian/hdf5@1.10.4%2Brepack-10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-ae73-ha67-tqgm
2
vulnerability VCID-bv3t-82cc-qfd8
3
vulnerability VCID-cy3q-7n3v-xbgr
4
vulnerability VCID-dypw-pp9q-bycr
5
vulnerability VCID-e4qy-jb8b-dkgg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-10
aliases CVE-2017-17505
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkse-aj8h-2fd4
16
url VCID-uzzm-mpfp-s7gv
vulnerability_id VCID-uzzm-mpfp-s7gv
summary In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17508.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17508.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17508
reference_id
reference_type
scores
0
value 0.00433
scoring_system epss
scoring_elements 0.6306
published_at 2026-06-04T12:55:00Z
1
value 0.00433
scoring_system epss
scoring_elements 0.63104
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17508
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17508
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17508
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1.9
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1524910
reference_id 1524910
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1524910
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365
reference_id 884365
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365
6
reference_url https://usn.ubuntu.com/USN-4817-1/
reference_id USN-USN-4817-1
reference_type
scores
url https://usn.ubuntu.com/USN-4817-1/
fixed_packages
0
url pkg:deb/debian/hdf5@1.10.4%2Brepack-10
purl pkg:deb/debian/hdf5@1.10.4%2Brepack-10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-ae73-ha67-tqgm
2
vulnerability VCID-bv3t-82cc-qfd8
3
vulnerability VCID-cy3q-7n3v-xbgr
4
vulnerability VCID-dypw-pp9q-bycr
5
vulnerability VCID-e4qy-jb8b-dkgg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-10
aliases CVE-2017-17508
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uzzm-mpfp-s7gv
17
url VCID-ycz8-g88h-7fhs
vulnerability_id VCID-ycz8-g88h-7fhs
summary In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4330.json
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4330.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4330
reference_id
reference_type
scores
0
value 0.00442
scoring_system epss
scoring_elements 0.63565
published_at 2026-06-04T12:55:00Z
1
value 0.00442
scoring_system epss
scoring_elements 0.63608
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4330
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1397701
reference_id 1397701
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1397701
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301
reference_id 845301
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301
8
reference_url https://security.gentoo.org/glsa/201701-13
reference_id GLSA-201701-13
reference_type
scores
url https://security.gentoo.org/glsa/201701-13
fixed_packages
0
url pkg:deb/debian/hdf5@1.8.13%2Bdocs-15%2Bdeb8u1
purl pkg:deb/debian/hdf5@1.8.13%2Bdocs-15%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-59vv-6fa4-ckfh
2
vulnerability VCID-88vu-rux2-xfa8
3
vulnerability VCID-ae73-ha67-tqgm
4
vulnerability VCID-afg8-hmzq-xbf2
5
vulnerability VCID-amvr-fecp-rkdr
6
vulnerability VCID-bqwb-uc25-6ucm
7
vulnerability VCID-bv3t-82cc-qfd8
8
vulnerability VCID-c1z9-d33b-w3e6
9
vulnerability VCID-chka-ff1j-gqe3
10
vulnerability VCID-cy3q-7n3v-xbgr
11
vulnerability VCID-dypw-pp9q-bycr
12
vulnerability VCID-e3j2-wght-wbaq
13
vulnerability VCID-e4qy-jb8b-dkgg
14
vulnerability VCID-hnkh-k2sk-gqaq
15
vulnerability VCID-mkse-aj8h-2fd4
16
vulnerability VCID-uzzm-mpfp-s7gv
17
vulnerability VCID-ycz8-g88h-7fhs
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.8.13%252Bdocs-15%252Bdeb8u1
1
url pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-3%2Bdeb9u1
purl pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-3%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xcu-cxdq-b3hb
1
vulnerability VCID-59vv-6fa4-ckfh
2
vulnerability VCID-ae73-ha67-tqgm
3
vulnerability VCID-afg8-hmzq-xbf2
4
vulnerability VCID-bqwb-uc25-6ucm
5
vulnerability VCID-bv3t-82cc-qfd8
6
vulnerability VCID-chka-ff1j-gqe3
7
vulnerability VCID-cy3q-7n3v-xbgr
8
vulnerability VCID-dypw-pp9q-bycr
9
vulnerability VCID-e3j2-wght-wbaq
10
vulnerability VCID-e4qy-jb8b-dkgg
11
vulnerability VCID-hnkh-k2sk-gqaq
12
vulnerability VCID-mkse-aj8h-2fd4
13
vulnerability VCID-uzzm-mpfp-s7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.0-patch1%252Bdocs-3%252Bdeb9u1
aliases CVE-2016-4330
risk_score 3.9
exploitability 0.5
weighted_severity 7.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ycz8-g88h-7fhs
Fixing_vulnerabilities
Risk_score3.9
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.6.6-4