Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/41958?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41958?format=api", "vulnerability_id": "VCID-e4aq-y2zm-tybp", "summary": "Out-of-bounds Write\nA Stack-based Buffer Overflow Vulnerability exists in HDF5 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).", "aliases": [ { "alias": "CVE-2021-45833" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/98395?format=api", "purl": "pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/98393?format=api", "purl": "pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/195415?format=api", "purl": "pkg:deb/debian/hdf5@1.14.5%2Brepack-3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3" }, { "url": "http://public2.vulnerablecode.io/api/packages/98392?format=api", "purl": "pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/59943?format=api", "purl": "pkg:conan/hdf5@1.13.1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-b8a9-dvrx-63h7" }, { "vulnerability": "VCID-e4aq-y2zm-tybp" }, { "vulnerability": "VCID-p41d-rses-87hp" }, { "vulnerability": "VCID-s161-wyhp-e3hw" }, { "vulnerability": "VCID-td2e-qeam-fucf" }, { "vulnerability": "VCID-vaam-cd2s-pkh3" }, { "vulnerability": "VCID-x7fz-sgfp-pfh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/hdf5@1.13.1-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/98391?format=api", "purl": "pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qt2-92gt-f3fk" }, { "vulnerability": "VCID-2r6p-322p-37dm" }, { "vulnerability": "VCID-4kz9-zrss-83bx" }, { "vulnerability": "VCID-5v4u-uu83-sqc8" }, { "vulnerability": "VCID-7xfq-w24m-yugw" }, { "vulnerability": "VCID-89j8-dfkx-2bhs" }, { "vulnerability": "VCID-8aac-7mgq-h7a4" }, { "vulnerability": "VCID-8df1-wt32-pqa6" }, { "vulnerability": "VCID-8dhg-t7wf-v3ah" }, { "vulnerability": "VCID-8jym-e7p3-7qgg" }, { "vulnerability": "VCID-adzd-m4tm-v3f8" }, { "vulnerability": "VCID-ajuw-pqtu-mygw" }, { "vulnerability": "VCID-bhy6-usxm-h7a4" }, { "vulnerability": "VCID-c2d5-k2pu-m3ba" }, { "vulnerability": "VCID-c54w-b13w-uke7" }, { "vulnerability": "VCID-caba-jf2d-yubt" }, { "vulnerability": "VCID-d9fr-59ax-vya4" }, { "vulnerability": "VCID-dmz7-rekk-1bax" }, { "vulnerability": "VCID-e4aq-y2zm-tybp" }, { "vulnerability": "VCID-euh2-g5tb-kyc7" }, { "vulnerability": "VCID-evc7-d6mz-dqh7" }, { "vulnerability": "VCID-g4wu-fszp-sbcp" }, { "vulnerability": "VCID-h2q3-ub28-9ygd" }, { "vulnerability": "VCID-hguc-e36x-kkfj" }, { "vulnerability": "VCID-j2ck-xmvp-h7f7" }, { "vulnerability": "VCID-jeu6-8nb9-d3ep" }, { "vulnerability": "VCID-jgjd-n5m8-cbbk" }, { "vulnerability": "VCID-kpny-jvxd-h7df" }, { "vulnerability": "VCID-kx1u-3t7h-tyhb" }, { "vulnerability": "VCID-mgev-h4d6-g3c9" }, { "vulnerability": "VCID-mkrz-w4u4-tuaj" }, { "vulnerability": "VCID-n1ag-bkf2-uyd8" }, { "vulnerability": "VCID-n3sz-bxsj-dfbw" }, { "vulnerability": "VCID-p3f9-9fu6-cbff" }, { "vulnerability": "VCID-p78p-43n3-yqgg" }, { "vulnerability": "VCID-pmtb-wxmw-2yh2" }, { "vulnerability": "VCID-ppqc-1vsd-1qg6" }, { "vulnerability": "VCID-qr98-8n65-eue6" }, { "vulnerability": "VCID-qttu-atch-hkcq" }, { "vulnerability": "VCID-qzz2-61s2-bkca" }, { "vulnerability": "VCID-rr9y-73f6-ybab" }, { "vulnerability": "VCID-rwu5-z6rj-uye7" }, { "vulnerability": "VCID-s161-wyhp-e3hw" }, { "vulnerability": "VCID-tba6-aqxs-nqgm" }, { "vulnerability": "VCID-td2e-qeam-fucf" }, { "vulnerability": "VCID-ua6h-y2bc-jqdy" }, { "vulnerability": "VCID-uhhu-7sbk-gqaf" }, { "vulnerability": "VCID-untx-ks69-4yc3" }, { "vulnerability": "VCID-usd5-mpjq-fkgm" }, { "vulnerability": "VCID-vaam-cd2s-pkh3" }, { "vulnerability": "VCID-vf8n-vse9-4qh3" }, { "vulnerability": "VCID-vf9h-vkm4-afgk" }, { "vulnerability": "VCID-vn8s-gm5x-eqbd" }, { "vulnerability": "VCID-wez5-unzz-kudq" }, { "vulnerability": "VCID-wt1r-6349-v7at" }, { "vulnerability": "VCID-x85j-52ep-z7a4" }, { "vulnerability": "VCID-xnb3-ch5w-d3bt" }, { "vulnerability": "VCID-ze1t-z525-n3e2" }, { "vulnerability": "VCID-zeyd-2fwn-87bh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/195413?format=api", "purl": "pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qt2-92gt-f3fk" }, { "vulnerability": "VCID-2r6p-322p-37dm" }, { "vulnerability": "VCID-4kz9-zrss-83bx" }, { "vulnerability": "VCID-5v4u-uu83-sqc8" }, { "vulnerability": "VCID-7xfq-w24m-yugw" }, { "vulnerability": "VCID-89j8-dfkx-2bhs" }, { "vulnerability": "VCID-8aac-7mgq-h7a4" }, { "vulnerability": "VCID-8df1-wt32-pqa6" }, { "vulnerability": "VCID-8dhg-t7wf-v3ah" }, { "vulnerability": "VCID-8jym-e7p3-7qgg" }, { "vulnerability": "VCID-adzd-m4tm-v3f8" }, { "vulnerability": "VCID-ajuw-pqtu-mygw" }, { "vulnerability": "VCID-bhy6-usxm-h7a4" }, { "vulnerability": "VCID-c2d5-k2pu-m3ba" }, { "vulnerability": "VCID-c54w-b13w-uke7" }, { "vulnerability": "VCID-caba-jf2d-yubt" }, { "vulnerability": "VCID-d9fr-59ax-vya4" }, { "vulnerability": "VCID-dmz7-rekk-1bax" }, { "vulnerability": "VCID-e4aq-y2zm-tybp" }, { "vulnerability": "VCID-euh2-g5tb-kyc7" }, { "vulnerability": "VCID-evc7-d6mz-dqh7" }, { "vulnerability": "VCID-g4wu-fszp-sbcp" }, { "vulnerability": "VCID-h2q3-ub28-9ygd" }, { "vulnerability": "VCID-hguc-e36x-kkfj" }, { "vulnerability": "VCID-j2ck-xmvp-h7f7" }, { "vulnerability": "VCID-jeu6-8nb9-d3ep" }, { "vulnerability": "VCID-jgjd-n5m8-cbbk" }, { "vulnerability": "VCID-kpny-jvxd-h7df" }, { "vulnerability": "VCID-kx1u-3t7h-tyhb" }, { "vulnerability": "VCID-mgev-h4d6-g3c9" }, { "vulnerability": "VCID-mkrz-w4u4-tuaj" }, { "vulnerability": "VCID-n1ag-bkf2-uyd8" }, { "vulnerability": "VCID-n3sz-bxsj-dfbw" }, { "vulnerability": "VCID-p3f9-9fu6-cbff" }, { "vulnerability": "VCID-p78p-43n3-yqgg" }, { "vulnerability": "VCID-pmtb-wxmw-2yh2" }, { "vulnerability": "VCID-ppqc-1vsd-1qg6" }, { "vulnerability": "VCID-qr98-8n65-eue6" }, { "vulnerability": "VCID-qttu-atch-hkcq" }, { "vulnerability": "VCID-qzz2-61s2-bkca" }, { "vulnerability": "VCID-rr9y-73f6-ybab" }, { "vulnerability": "VCID-rwu5-z6rj-uye7" }, { "vulnerability": "VCID-s161-wyhp-e3hw" }, { "vulnerability": "VCID-tba6-aqxs-nqgm" }, { "vulnerability": "VCID-td2e-qeam-fucf" }, { "vulnerability": "VCID-ua6h-y2bc-jqdy" }, { "vulnerability": "VCID-uhhu-7sbk-gqaf" }, { "vulnerability": "VCID-untx-ks69-4yc3" }, { "vulnerability": "VCID-usd5-mpjq-fkgm" }, { "vulnerability": "VCID-vaam-cd2s-pkh3" }, { "vulnerability": "VCID-vf8n-vse9-4qh3" }, { "vulnerability": "VCID-vf9h-vkm4-afgk" }, { "vulnerability": "VCID-vn8s-gm5x-eqbd" }, { "vulnerability": "VCID-wez5-unzz-kudq" }, { "vulnerability": "VCID-wt1r-6349-v7at" }, { "vulnerability": "VCID-x85j-52ep-z7a4" }, { "vulnerability": "VCID-xnb3-ch5w-d3bt" }, { "vulnerability": "VCID-ze1t-z525-n3e2" }, { "vulnerability": "VCID-zeyd-2fwn-87bh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/98389?format=api", "purl": "pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qt2-92gt-f3fk" }, { "vulnerability": "VCID-2r6p-322p-37dm" }, { "vulnerability": "VCID-5v4u-uu83-sqc8" }, { "vulnerability": "VCID-7xfq-w24m-yugw" }, { "vulnerability": "VCID-89j8-dfkx-2bhs" }, { "vulnerability": "VCID-8aac-7mgq-h7a4" }, { "vulnerability": "VCID-8df1-wt32-pqa6" }, { "vulnerability": "VCID-8dhg-t7wf-v3ah" }, { "vulnerability": "VCID-8jym-e7p3-7qgg" }, { "vulnerability": "VCID-adzd-m4tm-v3f8" }, { "vulnerability": "VCID-ajuw-pqtu-mygw" }, { "vulnerability": "VCID-bhy6-usxm-h7a4" }, { "vulnerability": "VCID-c2d5-k2pu-m3ba" }, { "vulnerability": "VCID-c54w-b13w-uke7" }, { "vulnerability": "VCID-caba-jf2d-yubt" }, { "vulnerability": "VCID-d9fr-59ax-vya4" }, { "vulnerability": "VCID-e4aq-y2zm-tybp" }, { "vulnerability": "VCID-euh2-g5tb-kyc7" }, { "vulnerability": "VCID-evc7-d6mz-dqh7" }, { "vulnerability": "VCID-g4wu-fszp-sbcp" }, { "vulnerability": "VCID-h2q3-ub28-9ygd" }, { "vulnerability": "VCID-hguc-e36x-kkfj" }, { "vulnerability": "VCID-j2ck-xmvp-h7f7" }, { "vulnerability": "VCID-jeu6-8nb9-d3ep" }, { "vulnerability": "VCID-jgjd-n5m8-cbbk" }, { "vulnerability": "VCID-kx1u-3t7h-tyhb" }, { "vulnerability": "VCID-mgev-h4d6-g3c9" }, { "vulnerability": "VCID-mkrz-w4u4-tuaj" }, { "vulnerability": "VCID-n1ag-bkf2-uyd8" }, { "vulnerability": "VCID-n3sz-bxsj-dfbw" }, { "vulnerability": "VCID-p3f9-9fu6-cbff" }, { "vulnerability": "VCID-ppqc-1vsd-1qg6" }, { "vulnerability": "VCID-qr98-8n65-eue6" }, { "vulnerability": "VCID-qzz2-61s2-bkca" }, { "vulnerability": "VCID-rr9y-73f6-ybab" }, { "vulnerability": "VCID-rwu5-z6rj-uye7" }, { "vulnerability": "VCID-s161-wyhp-e3hw" }, { "vulnerability": "VCID-tba6-aqxs-nqgm" }, { "vulnerability": "VCID-td2e-qeam-fucf" }, { "vulnerability": "VCID-uhhu-7sbk-gqaf" }, { "vulnerability": "VCID-usd5-mpjq-fkgm" }, { "vulnerability": "VCID-vaam-cd2s-pkh3" }, { "vulnerability": "VCID-vf8n-vse9-4qh3" }, { "vulnerability": "VCID-vf9h-vkm4-afgk" }, { "vulnerability": "VCID-vn8s-gm5x-eqbd" }, { "vulnerability": "VCID-wez5-unzz-kudq" }, { "vulnerability": "VCID-wt1r-6349-v7at" }, { "vulnerability": "VCID-x85j-52ep-z7a4" }, { "vulnerability": "VCID-xnb3-ch5w-d3bt" }, { "vulnerability": "VCID-ze1t-z525-n3e2" }, { "vulnerability": "VCID-zeyd-2fwn-87bh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/195414?format=api", "purl": "pkg:deb/debian/hdf5@1.10.8%2Brepack1-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1qt2-92gt-f3fk" }, { "vulnerability": "VCID-2r6p-322p-37dm" }, { "vulnerability": "VCID-5v4u-uu83-sqc8" }, { "vulnerability": "VCID-7xfq-w24m-yugw" }, { "vulnerability": "VCID-89j8-dfkx-2bhs" }, { "vulnerability": "VCID-8aac-7mgq-h7a4" }, { "vulnerability": "VCID-8df1-wt32-pqa6" }, { "vulnerability": "VCID-8dhg-t7wf-v3ah" }, { "vulnerability": "VCID-8jym-e7p3-7qgg" }, { "vulnerability": "VCID-adzd-m4tm-v3f8" }, { "vulnerability": "VCID-ajuw-pqtu-mygw" }, { "vulnerability": "VCID-bhy6-usxm-h7a4" }, { "vulnerability": "VCID-c2d5-k2pu-m3ba" }, { "vulnerability": "VCID-c54w-b13w-uke7" }, { "vulnerability": "VCID-caba-jf2d-yubt" }, { "vulnerability": "VCID-d9fr-59ax-vya4" }, { "vulnerability": "VCID-e4aq-y2zm-tybp" }, { "vulnerability": "VCID-euh2-g5tb-kyc7" }, { "vulnerability": "VCID-evc7-d6mz-dqh7" }, { "vulnerability": "VCID-g4wu-fszp-sbcp" }, { "vulnerability": "VCID-h2q3-ub28-9ygd" }, { "vulnerability": "VCID-hguc-e36x-kkfj" }, { "vulnerability": "VCID-j2ck-xmvp-h7f7" }, { "vulnerability": "VCID-jeu6-8nb9-d3ep" }, { "vulnerability": "VCID-jgjd-n5m8-cbbk" }, { "vulnerability": "VCID-kx1u-3t7h-tyhb" }, { "vulnerability": "VCID-mgev-h4d6-g3c9" }, { "vulnerability": "VCID-mkrz-w4u4-tuaj" }, { "vulnerability": "VCID-n1ag-bkf2-uyd8" }, { "vulnerability": "VCID-n3sz-bxsj-dfbw" }, { "vulnerability": "VCID-p3f9-9fu6-cbff" }, { "vulnerability": "VCID-ppqc-1vsd-1qg6" }, { "vulnerability": "VCID-qr98-8n65-eue6" }, { "vulnerability": "VCID-qzz2-61s2-bkca" }, { "vulnerability": "VCID-rr9y-73f6-ybab" }, { "vulnerability": "VCID-rwu5-z6rj-uye7" }, { "vulnerability": "VCID-s161-wyhp-e3hw" }, { "vulnerability": "VCID-tba6-aqxs-nqgm" }, { "vulnerability": "VCID-td2e-qeam-fucf" }, { "vulnerability": "VCID-uhhu-7sbk-gqaf" }, { "vulnerability": "VCID-usd5-mpjq-fkgm" }, { "vulnerability": "VCID-vaam-cd2s-pkh3" }, { "vulnerability": "VCID-vf8n-vse9-4qh3" }, { "vulnerability": "VCID-vf9h-vkm4-afgk" }, { "vulnerability": "VCID-vn8s-gm5x-eqbd" }, { "vulnerability": "VCID-wez5-unzz-kudq" }, { "vulnerability": "VCID-wt1r-6349-v7at" }, { "vulnerability": "VCID-x85j-52ep-z7a4" }, { "vulnerability": "VCID-xnb3-ch5w-d3bt" }, { "vulnerability": "VCID-ze1t-z525-n3e2" }, { "vulnerability": "VCID-zeyd-2fwn-87bh" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45833.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45833.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-45833", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50065", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50127", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50135", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.5012", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-45833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45833" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/HDFGroup/hdf5/issues/1313", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/HDFGroup/hdf5/issues/1313" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049109", "reference_id": "2049109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049109" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45833", "reference_id": "CVE-2021-45833", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45833" } ], "weaknesses": [ { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." }, { "cwe_id": 787, "name": "Out-of-bounds Write", "description": "The product writes data past the end, or before the beginning, of the intended buffer." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." } ], "exploits": [], "severity_range_score": "4.5 - 5.5", "exploitability": "0.5", "weighted_severity": "5.0", "risk_score": 2.5, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e4aq-y2zm-tybp" }