VulnerableCode Package Details - pkg:conan/hdf5@1.12.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-4z4c-qk9x-wybh Aliases: CVE-2020-10812	NULL Pointer Dereference A NULL pointer dereference exists in the function `H5F_get_nrefs()` located in `H5Fquery.c`. It allows an attacker to cause Denial of Service.	There are no reported fixed by versions.
VCID-8df1-wt32-pqa6 Aliases: CVE-2021-37501	Out-of-bounds Write Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c.	1.13.1 Affected by 0 other vulnerabilities.
VCID-dmz7-rekk-1bax Aliases: CVE-2020-10810	NULL Pointer Dereference A NULL pointer dereference exists in the function `H5AC_unpin_entry()` located in `H5AC.c`. It allows an attacker to cause Denial of Service.	There are no reported fixed by versions.
VCID-ua6h-y2bc-jqdy Aliases: CVE-2020-10811	Out-of-bounds Read An issue was discovered in HDF5. A heap-based buffer over-read exists in the function `H5O__layout_decode()` located in `H5Olayout.c`. It allows an attacker to cause Denial of Service.	There are no reported fixed by versions.
VCID-xwnq-y1ud-gkh3 Aliases: CVE-2020-10809	Out-of-bounds Write A heap-based buffer overflow exists in the function `Decompress()` located in `decompress.c`. It can be triggered by sending a crafted file to the `gif2h5` binary. It allows an attacker to cause Denial of Service.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-4z4c-qk9x-wybh
Aliases:
CVE-2020-10812

NULL Pointer Dereference A NULL pointer dereference exists in the function `H5F_get_nrefs()` located in `H5Fquery.c`. It allows an attacker to cause Denial of Service.

There are no reported fixed by versions.

VCID-8df1-wt32-pqa6
Aliases:
CVE-2021-37501

Out-of-bounds Write Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c.

1.13.1
Affected by 0 other vulnerabilities.

VCID-dmz7-rekk-1bax
Aliases:
CVE-2020-10810

NULL Pointer Dereference A NULL pointer dereference exists in the function `H5AC_unpin_entry()` located in `H5AC.c`. It allows an attacker to cause Denial of Service.

There are no reported fixed by versions.

VCID-ua6h-y2bc-jqdy
Aliases:
CVE-2020-10811

Out-of-bounds Read An issue was discovered in HDF5. A heap-based buffer over-read exists in the function `H5O__layout_decode()` located in `H5Olayout.c`. It allows an attacker to cause Denial of Service.

There are no reported fixed by versions.

VCID-xwnq-y1ud-gkh3
Aliases:
CVE-2020-10809

Out-of-bounds Write A heap-based buffer overflow exists in the function `Decompress()` located in `decompress.c`. It can be triggered by sending a crafted file to the `gif2h5` binary. It allows an attacker to cause Denial of Service.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-04T16:19:53.381034+00:00	GitLab Importer	Affected by	VCID-dmz7-rekk-1bax	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/hdf5/CVE-2020-10810.yml	38.6.0
2026-06-04T16:19:53.249399+00:00	GitLab Importer	Affected by	VCID-xwnq-y1ud-gkh3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/hdf5/CVE-2020-10809.yml	38.6.0
2026-06-04T16:19:53.233845+00:00	GitLab Importer	Affected by	VCID-ua6h-y2bc-jqdy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/hdf5/CVE-2020-10811.yml	38.6.0
2026-06-04T16:19:53.217954+00:00	GitLab Importer	Affected by	VCID-4z4c-qk9x-wybh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/hdf5/CVE-2020-10812.yml	38.6.0
2026-06-02T04:43:56.443073+00:00	GitLab Importer	Affected by	VCID-8df1-wt32-pqa6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/hdf5/CVE-2021-37501.yml	38.6.0