{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","type":"deb","namespace":"debian","name":"hdf5","version":"1.10.8+repack1-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.10.10+repack-1","latest_non_vulnerable_version":"1.14.6+repack-2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72373?format=json","vulnerability_id":"VCID-1qt2-92gt-f3fk","summary":"HDF5 Library through 1.14.3 contains a heap-based buffer over-read in the function H5HL__fl_deserialize in H5HLcache.c, a different vulnerability than CVE-2024-32612.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32613.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32613.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32613","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25089","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25078","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25025","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32613"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:12:45Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32613"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1qt2-92gt-f3fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72380?format=json","vulnerability_id":"VCID-2r6p-322p-37dm","summary":"HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5F_addr_decode_len in H5Fint.c, resulting in the corruption of the instruction pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32620.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32620.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32620","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21962","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21948","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.219","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32620"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:12:31Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32620"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2r6p-322p-37dm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72369?format=json","vulnerability_id":"VCID-5v4u-uu83-sqc8","summary":"HDF5 Library through 1.14.3 allows stack consumption in the function H5E_printf_stack in H5Eint.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32609.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32609.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32609","reference_id":"","reference_type":"","scores":[{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.62177","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.62185","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00418","scoring_system":"epss","scoring_elements":"0.62174","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32609"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32609","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32609"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-16T15:46:41Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32609"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5v4u-uu83-sqc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72384?format=json","vulnerability_id":"VCID-7xfq-w24m-yugw","summary":"HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__ref_mem_setnull in H5Tref.c (called from H5T__conv_ref in H5Tconv.c), resulting in the corruption of the instruction pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32624.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32624.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32624","reference_id":"","reference_type":"","scores":[{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63827","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63834","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63826","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T19:29:50Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32624"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7xfq-w24m-yugw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72365?format=json","vulnerability_id":"VCID-89j8-dfkx-2bhs","summary":"HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_memcpyvv in H5VM.c (called from H5D__compact_readvv in H5Dcompact.c).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32605.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32605.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32605","reference_id":"","reference_type":"","scores":[{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65453","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65464","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00479","scoring_system":"epss","scoring_elements":"0.65452","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32605"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T18:24:23Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32605"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-89j8-dfkx-2bhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72370?format=json","vulnerability_id":"VCID-8aac-7mgq-h7a4","summary":"HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, resulting in a corrupted instruction pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32610.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32610.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32610","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1655","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16547","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16505","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32610"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32610","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32610"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T13:20:14Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32610"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8aac-7mgq-h7a4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44371?format=json","vulnerability_id":"VCID-8df1-wt32-pqa6","summary":"Out-of-bounds Write\nBuffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37501.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37501.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37501","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34377","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34279","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.3567","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.3571","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37501"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37501","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37501"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/HDFGroup/hdf5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T18:37:52Z/"}],"url":"https://github.com/HDFGroup/hdf5"},{"reference_url":"https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T18:37:52Z/"}],"url":"https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230281","reference_id":"2230281","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2230281"},{"reference_url":"https://github.com/HDFGroup/hdf5/issues/2458","reference_id":"2458","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-26T18:37:52Z/"}],"url":"https://github.com/HDFGroup/hdf5/issues/2458"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37501","reference_id":"CVE-2021-37501","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2021-37501"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8df1-wt32-pqa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72356?format=json","vulnerability_id":"VCID-8dhg-t7wf-v3ah","summary":"HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29158.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29158.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29158","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22091","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22077","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22029","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29158"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29158","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29158"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T18:16:55Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-29158"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8dhg-t7wf-v3ah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72309?format=json","vulnerability_id":"VCID-8jym-e7p3-7qgg","summary":"An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14031.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14031.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14031","reference_id":"","reference_type":"","scores":[{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68189","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68228","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68236","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14031"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1600979","reference_id":"1600979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1600979"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-14031"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8jym-e7p3-7qgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72386?format=json","vulnerability_id":"VCID-adzd-m4tm-v3f8","summary":"HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_new_encode in H5Omtime.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33874.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33874.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33874","reference_id":"","reference_type":"","scores":[{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.6553","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.6554","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65529","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33874"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33874","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33874"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-15T15:46:32Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-33874"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-adzd-m4tm-v3f8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72360?format=json","vulnerability_id":"VCID-ajuw-pqtu-mygw","summary":"HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HG_read, resulting in denial of service or potential code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29162.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29162.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29162","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24936","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24924","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24867","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29162","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29162"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T18:16:18Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-29162"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ajuw-pqtu-mygw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72387?format=json","vulnerability_id":"VCID-bhy6-usxm-h7a4","summary":"HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__layout_encode in H5Olayout.c, resulting in the corruption of the instruction pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33875.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33875.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33875","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20027","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20022","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19983","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33875"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-19T18:05:03Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-33875"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhy6-usxm-h7a4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72312?format=json","vulnerability_id":"VCID-c2d5-k2pu-m3ba","summary":"An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14033.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14033.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14033","reference_id":"","reference_type":"","scores":[{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68189","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68228","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68236","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14033"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14033","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14033"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1600982","reference_id":"1600982","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1600982"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-14033"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c2d5-k2pu-m3ba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72376?format=json","vulnerability_id":"VCID-c54w-b13w-uke7","summary":"HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5O__dtype_encode_helper in H5Odtype.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32616.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32616.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32616","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25089","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25078","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25025","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32616"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:12:38Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32616"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c54w-b13w-uke7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72368?format=json","vulnerability_id":"VCID-caba-jf2d-yubt","summary":"HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32608.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32608.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32608","reference_id":"","reference_type":"","scores":[{"value":"0.0094","scoring_system":"epss","scoring_elements":"0.76638","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0094","scoring_system":"epss","scoring_elements":"0.76634","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0094","scoring_system":"epss","scoring_elements":"0.76644","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32608"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T20:27:48Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32608"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-caba-jf2d-yubt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72385?format=json","vulnerability_id":"VCID-d9fr-59ax-vya4","summary":"HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33873.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33873.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33873","reference_id":"","reference_type":"","scores":[{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66383","published_at":"2026-06-05T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66392","published_at":"2026-06-06T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66377","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33873"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T18:24:19Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-33873"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d9fr-59ax-vya4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41958?format=json","vulnerability_id":"VCID-e4aq-y2zm-tybp","summary":"Out-of-bounds Write\nA Stack-based Buffer Overflow Vulnerability exists in HDF5 via the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c, which causes a Denial of Service (context-dependent).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45833.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45833.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45833","reference_id":"","reference_type":"","scores":[{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.50065","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.50127","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.50135","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.5012","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45833"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/HDFGroup/hdf5/issues/1313","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/HDFGroup/hdf5/issues/1313"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2049109","reference_id":"2049109","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2049109"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-45833","reference_id":"CVE-2021-45833","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-45833"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2021-45833"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e4aq-y2zm-tybp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72363?format=json","vulnerability_id":"VCID-euh2-g5tb-kyc7","summary":"HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_fletcher32, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29165.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29165.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29165","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24936","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24924","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24867","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29165"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29165","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29165"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T18:14:54Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-29165"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-euh2-g5tb-kyc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72383?format=json","vulnerability_id":"VCID-evc7-d6mz-dqh7","summary":"HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5VM_array_fill in H5VM.c (called from H5S_select_elements in H5Spoint.c).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32623.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32623.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32623","reference_id":"","reference_type":"","scores":[{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69873","published_at":"2026-06-05T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69882","published_at":"2026-06-06T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69872","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32623"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-10T14:03:15Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32623"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evc7-d6mz-dqh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72382?format=json","vulnerability_id":"VCID-g4wu-fszp-sbcp","summary":"HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c (called from H5S_set_extent_simple in H5S.c).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32622.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32622","reference_id":"","reference_type":"","scores":[{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.64187","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.64195","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.64184","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32622"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-20T13:23:51Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32622"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g4wu-fszp-sbcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72317?format=json","vulnerability_id":"VCID-h2q3-ub28-9ygd","summary":"An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16438.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16438.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16438","reference_id":"","reference_type":"","scores":[{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68317","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68359","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68367","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16438"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625424","reference_id":"1625424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625424"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-16438"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h2q3-ub28-9ygd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72389?format=json","vulnerability_id":"VCID-hguc-e36x-kkfj","summary":"HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__conv_struct_opt in H5Tconv.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33877.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33877.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33877","reference_id":"","reference_type":"","scores":[{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69873","published_at":"2026-06-05T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69882","published_at":"2026-06-06T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69872","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33877"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T18:23:53Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-33877"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hguc-e36x-kkfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72282?format=json","vulnerability_id":"VCID-j2ck-xmvp-h7f7","summary":"In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5T_conv_struct_opt in H5Tconv.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17507.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17507.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17507","reference_id":"","reference_type":"","scores":[{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34946","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34869","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34966","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34981","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17507"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17507","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17507"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:N/A:P"},{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524909","reference_id":"1524909","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524909"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915807","reference_id":"915807","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915807"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2017-17507"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2ck-xmvp-h7f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72339?format=json","vulnerability_id":"VCID-jeu6-8nb9-d3ep","summary":"A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka \"Invalid write of size 2.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8396.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8396","reference_id":"","reference_type":"","scores":[{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65494","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65546","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65557","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8396"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034838","reference_id":"1034838","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034838"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1678254","reference_id":"1678254","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1678254"},{"reference_url":"https://security.archlinux.org/AVG-901","reference_id":"AVG-901","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-901"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2019-8396"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jeu6-8nb9-d3ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72379?format=json","vulnerability_id":"VCID-jgjd-n5m8-cbbk","summary":"HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T_copy_reopen in H5T.c, resulting in the corruption of the instruction pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32619.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32619.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32619","reference_id":"","reference_type":"","scores":[{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25488","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25474","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25427","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32619"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:12:18Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32619"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jgjd-n5m8-cbbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72337?format=json","vulnerability_id":"VCID-kx1u-3t7h-tyhb","summary":"An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17439.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17439.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17439","reference_id":"","reference_type":"","scores":[{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.72094","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.72135","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.72142","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.72121","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17439"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17439","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17439"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634142","reference_id":"1634142","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634142"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17439"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kx1u-3t7h-tyhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72374?format=json","vulnerability_id":"VCID-mgev-h4d6-g3c9","summary":"HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32614.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32614.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32614","reference_id":"","reference_type":"","scores":[{"value":"0.004","scoring_system":"epss","scoring_elements":"0.61059","published_at":"2026-06-05T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.61067","published_at":"2026-06-06T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.61055","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32614"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-10T14:06:06Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32614"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mgev-h4d6-g3c9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72371?format=json","vulnerability_id":"VCID-mkrz-w4u4-tuaj","summary":"HDF5 Library through 1.14.3 may use an uninitialized value in H5A__attr_release_table in H5Aint.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32611.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32611.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32611","reference_id":"","reference_type":"","scores":[{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60857","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60864","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60852","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32611"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32611","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32611"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-19T17:57:42Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32611"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mkrz-w4u4-tuaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72367?format=json","vulnerability_id":"VCID-n1ag-bkf2-uyd8","summary":"HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the instruction pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32607.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32607.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32607","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19587","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19581","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19537","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32607"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-05T13:54:46Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32607"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n1ag-bkf2-uyd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72358?format=json","vulnerability_id":"VCID-n3sz-bxsj-dfbw","summary":"HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_heap_deserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29160.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29160.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29160","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24936","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24924","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24867","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29160"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T18:16:33Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-29160"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n3sz-bxsj-dfbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72372?format=json","vulnerability_id":"VCID-p3f9-9fu6-cbff","summary":"HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5HL__fl_deserialize in H5HLcache.c, resulting in the corruption of the instruction pointer, a different vulnerability than CVE-2024-32613.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32612.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32612.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32612","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25089","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25078","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25025","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32612"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32612","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32612"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:12:51Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32612"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p3f9-9fu6-cbff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72353?format=json","vulnerability_id":"VCID-ppqc-1vsd-1qg6","summary":"An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25972.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25972.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25972","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23003","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23028","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23086","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23072","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25972"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25972","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25972"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2022-1485","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-05T14:56:47Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2022-1485"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031726","reference_id":"1031726","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031726"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172361","reference_id":"2172361","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172361"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25972","reference_id":"CVE-2022-25972","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25972"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98423?format=json","purl":"pkg:deb/debian/hdf5@1.10.10%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.10%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2022-25972"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ppqc-1vsd-1qg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72362?format=json","vulnerability_id":"VCID-qr98-8n65-eue6","summary":"HDF5 through 1.14.3 contains a stack buffer overflow in H5R__decode_heap, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29164.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29164.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29164","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38219","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38222","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38194","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29164"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-20T21:02:05Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-29164"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qr98-8n65-eue6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72352?format=json","vulnerability_id":"VCID-qzz2-61s2-bkca","summary":"An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25942.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25942.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25942","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26605","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26659","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26708","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26698","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-25942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25942"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2022-1486","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:18:37Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2022-1486"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031726","reference_id":"1031726","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031726"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172362","reference_id":"2172362","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172362"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25942","reference_id":"CVE-2022-25942","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25942"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98423?format=json","purl":"pkg:deb/debian/hdf5@1.10.10%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.10%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2022-25942"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qzz2-61s2-bkca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72377?format=json","vulnerability_id":"VCID-rr9y-73f6-ybab","summary":"HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called from H5G__ent_to_link in H5Glink.c).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32617.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32617.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32617","reference_id":"","reference_type":"","scores":[{"value":"0.00441","scoring_system":"epss","scoring_elements":"0.63582","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00441","scoring_system":"epss","scoring_elements":"0.63589","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00441","scoring_system":"epss","scoring_elements":"0.6358","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-20T13:21:45Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32617"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rr9y-73f6-ybab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72359?format=json","vulnerability_id":"VCID-rwu5-z6rj-uye7","summary":"HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29161.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29161.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29161","reference_id":"","reference_type":"","scores":[{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61281","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61289","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61276","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29161"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T18:24:29Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-29161"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rwu5-z6rj-uye7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42140?format=json","vulnerability_id":"VCID-s161-wyhp-e3hw","summary":"A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis the function H5T__complete_copy () at /hdf5/src/H5T.c. This vulnerability causes an aritmetic exception, leading to a Denial of Service (DoS).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46244.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46244.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46244","reference_id":"","reference_type":"","scores":[{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.61838","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.61886","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.61895","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.61884","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46244"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/HDFGroup/hdf5/issues/1327","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/HDFGroup/hdf5/issues/1327"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2045000","reference_id":"2045000","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2045000"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46244","reference_id":"CVE-2021-46244","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46244"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2021-46244"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s161-wyhp-e3hw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72364?format=json","vulnerability_id":"VCID-tba6-aqxs-nqgm","summary":"HDF5 through 1.14.3 contains a buffer overflow in H5O__linfo_decode, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29166.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29166.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29166","reference_id":"","reference_type":"","scores":[{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17446","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17441","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17406","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29166"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29166","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29166"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:17:22Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-29166"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tba6-aqxs-nqgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41964?format=json","vulnerability_id":"VCID-td2e-qeam-fucf","summary":"Out-of-bounds Write\nA heap-based buffer overflow vulnerability exists in HDF5 via H5F_addr_decode_len in /hdf5/src/H5Fint.c, which could cause a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45830.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45830.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45830","reference_id":"","reference_type":"","scores":[{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.50065","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.50127","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.50135","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.5012","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45830"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/HDFGroup/hdf5/issues/1314","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/HDFGroup/hdf5/issues/1314"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2049121","reference_id":"2049121","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2049121"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-45830","reference_id":"CVE-2021-45830","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-45830"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2021-45830"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-td2e-qeam-fucf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72357?format=json","vulnerability_id":"VCID-uhhu-7sbk-gqaf","summary":"HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_scaleoffset, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29159.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29159.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29159","reference_id":"","reference_type":"","scores":[{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.65166","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.65177","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.65165","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29159"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-20T13:21:08Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-29159"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uhhu-7sbk-gqaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72361?format=json","vulnerability_id":"VCID-usd5-mpjq-fkgm","summary":"HDF5 through 1.14.3 contains a heap buffer overflow in H5T__bit_find, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29163.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29163.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29163","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24936","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24924","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24867","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29163"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29163","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29163"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T18:16:01Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-29163"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-usd5-mpjq-fkgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42126?format=json","vulnerability_id":"VCID-vaam-cd2s-pkh3","summary":"Use After Free\nHDF5 v1.13.1-1 was discovered to contain a heap-use-after free via the component H5AC_unpin_entry.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46242.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46242.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46242","reference_id":"","reference_type":"","scores":[{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52717","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52777","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52783","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52766","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46242"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46242","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46242"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/HDFGroup/hdf5/issues/1329","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/HDFGroup/hdf5/issues/1329"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2045005","reference_id":"2045005","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2045005"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46242","reference_id":"CVE-2021-46242","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46242"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2021-46242"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vaam-cd2s-pkh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72381?format=json","vulnerability_id":"VCID-vf8n-vse9-4qh3","summary":"HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5HG_read in H5HG.c (called from H5VL__native_blob_get in H5VLnative_blob.c), resulting in the corruption of the instruction pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32621.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32621.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32621","reference_id":"","reference_type":"","scores":[{"value":"0.00577","scoring_system":"epss","scoring_elements":"0.69228","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00577","scoring_system":"epss","scoring_elements":"0.69237","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00577","scoring_system":"epss","scoring_elements":"0.69229","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32621"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-20T13:25:29Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32621"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vf8n-vse9-4qh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72344?format=json","vulnerability_id":"VCID-vf9h-vkm4-afgk","summary":"An issue was discovered in the HDF HDF5 1.10.4 library. There is an out of bounds read in the function H5T_get_size in H5T.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8398.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8398.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8398","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52127","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52106","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52057","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52117","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8398"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034838","reference_id":"1034838","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034838"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1678258","reference_id":"1678258","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1678258"},{"reference_url":"https://security.archlinux.org/AVG-901","reference_id":"AVG-901","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-901"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2019-8398"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vf9h-vkm4-afgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72293?format=json","vulnerability_id":"VCID-vn8s-gm5x-eqbd","summary":"A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11205.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11205.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11205","reference_id":"","reference_type":"","scores":[{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70731","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70774","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70781","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00632","scoring_system":"epss","scoring_elements":"0.70763","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11205"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11205","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11205"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034807","reference_id":"1034807","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034807"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579959","reference_id":"1579959","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579959"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-11205"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vn8s-gm5x-eqbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72375?format=json","vulnerability_id":"VCID-wez5-unzz-kudq","summary":"HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Z__nbit_decompress_one_byte in H5Znbit.c, caused by the earlier use of an initialized pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32615.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32615.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32615","reference_id":"","reference_type":"","scores":[{"value":"0.00577","scoring_system":"epss","scoring_elements":"0.69228","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00577","scoring_system":"epss","scoring_elements":"0.69237","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00577","scoring_system":"epss","scoring_elements":"0.69229","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32615"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-11T14:23:03Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32615"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wez5-unzz-kudq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72366?format=json","vulnerability_id":"VCID-wt1r-6349-v7at","summary":"HDF5 Library through 1.14.3 may attempt to dereference uninitialized values in h5tools_str_sprint in tools/lib/h5tools_str.c (called from h5tools_dump_simple_data in tools/lib/h5tools_dump.c).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32606.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32606.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32606","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24715","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24705","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24649","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32606"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:01:10Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32606"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wt1r-6349-v7at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72354?format=json","vulnerability_id":"VCID-x85j-52ep-z7a4","summary":"A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26061.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26061.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26061","reference_id":"","reference_type":"","scores":[{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2816","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2814","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28231","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28181","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26061"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26061","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26061"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2022-1487","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-05T14:54:04Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2022-1487"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031726","reference_id":"1031726","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031726"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172354","reference_id":"2172354","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2172354"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-26061","reference_id":"CVE-2022-26061","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-26061"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98423?format=json","purl":"pkg:deb/debian/hdf5@1.10.10%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.10%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2022-26061"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x85j-52ep-z7a4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72378?format=json","vulnerability_id":"VCID-xnb3-ch5w-d3bt","summary":"HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__get_native_type in H5Tnative.c, resulting in the corruption of the instruction pointer.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32618.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32618","reference_id":"","reference_type":"","scores":[{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28567","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28525","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28486","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-09T18:12:35Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-32618"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xnb3-ch5w-d3bt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72388?format=json","vulnerability_id":"VCID-ze1t-z525-n3e2","summary":"HDF5 Library through 1.14.3 has a heap buffer overflow in H5S__point_deserialize in H5Spoint.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33876.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33876.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33876","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22976","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22961","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22916","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-33876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33876"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T16:01:59Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-33876"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ze1t-z525-n3e2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72355?format=json","vulnerability_id":"VCID-zeyd-2fwn-87bh","summary":"HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29157.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29157.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29157","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38219","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38222","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38194","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29157"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861","reference_id":"1070861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037","reference_id":"2280037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280037"},{"reference_url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/","reference_id":"new-hdf5-cve-issues-fixed-in-1-14-4","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-16T16:06:11Z/"}],"url":"https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3801","reference_id":"RHSA-2025:3801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98395?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2024-29157"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zeyd-2fwn-87bh"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72319?format=json","vulnerability_id":"VCID-2xcu-cxdq-b3hb","summary":"Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17234.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17234.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17234","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32349","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32419","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32388","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17234"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17234","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17234"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1633856","reference_id":"1633856","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1633856"},{"reference_url":"https://usn.ubuntu.com/USN-5272-1/","reference_id":"USN-USN-5272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98406?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17234"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2xcu-cxdq-b3hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72327?format=json","vulnerability_id":"VCID-4kz9-zrss-83bx","summary":"A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17435.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17435.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17435","reference_id":"","reference_type":"","scores":[{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73551","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73587","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73592","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73578","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17435"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17435","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17435"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634125","reference_id":"1634125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634125"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98398?format=json","purl":"pkg:deb/debian/hdf5@1.10.7%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.7%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17435"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4kz9-zrss-83bx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72284?format=json","vulnerability_id":"VCID-59vv-6fa4-ckfh","summary":"In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17509.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17509.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17509","reference_id":"","reference_type":"","scores":[{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59543","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59499","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59549","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59552","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17509"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:P/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524911","reference_id":"1524911","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524911"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365","reference_id":"884365","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98394?format=json","purl":"pkg:deb/debian/hdf5@1.10.4%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2017-17509"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-59vv-6fa4-ckfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72277?format=json","vulnerability_id":"VCID-88vu-rux2-xfa8","summary":"The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the array when initializing it.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4333.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4333.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4333","reference_id":"","reference_type":"","scores":[{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48473","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48536","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48543","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48524","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4333"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397708","reference_id":"1397708","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397708"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301","reference_id":"845301","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301"},{"reference_url":"https://security.gentoo.org/glsa/201701-13","reference_id":"GLSA-201701-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98390?format=json","purl":"pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.0-patch1%252Bdocs-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2016-4333"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-88vu-rux2-xfa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72320?format=json","vulnerability_id":"VCID-ae73-ha67-tqgm","summary":"A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. This issue is different from CVE-2018-11207.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17237.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17237.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17237","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33416","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33517","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33532","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33497","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17237"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1633860","reference_id":"1633860","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1633860"},{"reference_url":"https://usn.ubuntu.com/USN-5272-1/","reference_id":"USN-USN-5272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98406?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17237"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ae73-ha67-tqgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72288?format=json","vulnerability_id":"VCID-afg8-hmzq-xbf2","summary":"A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11203.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11203.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11203","reference_id":"","reference_type":"","scores":[{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.70014","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.70055","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.70064","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.70046","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11203"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579951","reference_id":"1579951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579951"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98394?format=json","purl":"pkg:deb/debian/hdf5@1.10.4%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-11203"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afg8-hmzq-xbf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72276?format=json","vulnerability_id":"VCID-amvr-fecp-rkdr","summary":"The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4332.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4332.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4332","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28896","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28967","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28931","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28895","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397707","reference_id":"1397707","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397707"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301","reference_id":"845301","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301"},{"reference_url":"https://security.gentoo.org/glsa/201701-13","reference_id":"GLSA-201701-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98390?format=json","purl":"pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.0-patch1%252Bdocs-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2016-4332"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-amvr-fecp-rkdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72280?format=json","vulnerability_id":"VCID-bqwb-uc25-6ucm","summary":"In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Opline_pline_decode in H5Opline.c in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17506.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17506.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17506","reference_id":"","reference_type":"","scores":[{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63102","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6306","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63104","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63112","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17506"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:N/A:P"},{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524907","reference_id":"1524907","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524907"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365","reference_id":"884365","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365"},{"reference_url":"https://usn.ubuntu.com/USN-4817-1/","reference_id":"USN-USN-4817-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4817-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98394?format=json","purl":"pkg:deb/debian/hdf5@1.10.4%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2017-17506"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bqwb-uc25-6ucm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72324?format=json","vulnerability_id":"VCID-bv3t-82cc-qfd8","summary":"A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17434.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17434","reference_id":"","reference_type":"","scores":[{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52418","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52478","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52486","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52466","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17434"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634121","reference_id":"1634121","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634121"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98406?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17434"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bv3t-82cc-qfd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72275?format=json","vulnerability_id":"VCID-c1z9-d33b-w3e6","summary":"When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4331.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4331.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4331","reference_id":"","reference_type":"","scores":[{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63984","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.64026","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.64034","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.64024","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397704","reference_id":"1397704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397704"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301","reference_id":"845301","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301"},{"reference_url":"https://security.gentoo.org/glsa/201701-13","reference_id":"GLSA-201701-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98390?format=json","purl":"pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.0-patch1%252Bdocs-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2016-4331"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c1z9-d33b-w3e6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72290?format=json","vulnerability_id":"VCID-chka-ff1j-gqe3","summary":"A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11204.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11204.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11204","reference_id":"","reference_type":"","scores":[{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58454","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.585","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58509","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0036","scoring_system":"epss","scoring_elements":"0.58502","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11204"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11204","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11204"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579955","reference_id":"1579955","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579955"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98394?format=json","purl":"pkg:deb/debian/hdf5@1.10.4%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-11204"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chka-ff1j-gqe3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72332?format=json","vulnerability_id":"VCID-cy3q-7n3v-xbgr","summary":"Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17437.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17437.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17437","reference_id":"","reference_type":"","scores":[{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33676","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33777","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33792","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33758","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17437"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634132","reference_id":"1634132","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634132"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98406?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17437"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cy3q-7n3v-xbgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52414?format=json","vulnerability_id":"VCID-dmz7-rekk-1bax","summary":"NULL Pointer Dereference\nA NULL pointer dereference exists in the function `H5AC_unpin_entry()` located in `H5AC.c`. It allows an attacker to cause Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10810.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10810","reference_id":"","reference_type":"","scores":[{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.625","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62546","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62555","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00424","scoring_system":"epss","scoring_elements":"0.62545","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827475","reference_id":"1827475","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827475"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10810","reference_id":"CVE-2020-10810","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10810"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98397?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2020-10810"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dmz7-rekk-1bax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72318?format=json","vulnerability_id":"VCID-dypw-pp9q-bycr","summary":"A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17233.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17233.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17233","reference_id":"","reference_type":"","scores":[{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50915","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50977","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50982","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50962","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17233"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1633853","reference_id":"1633853","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1633853"},{"reference_url":"https://usn.ubuntu.com/USN-5272-1/","reference_id":"USN-USN-5272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98406?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17233"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dypw-pp9q-bycr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72300?format=json","vulnerability_id":"VCID-e3j2-wght-wbaq","summary":"A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11207.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11207.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11207","reference_id":"","reference_type":"","scores":[{"value":"0.00867","scoring_system":"epss","scoring_elements":"0.75513","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00867","scoring_system":"epss","scoring_elements":"0.75541","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00867","scoring_system":"epss","scoring_elements":"0.75545","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00867","scoring_system":"epss","scoring_elements":"0.75536","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11207"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579961","reference_id":"1579961","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579961"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98394?format=json","purl":"pkg:deb/debian/hdf5@1.10.4%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-11207"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e3j2-wght-wbaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72334?format=json","vulnerability_id":"VCID-e4qy-jb8b-dkgg","summary":"A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17438.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17438.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17438","reference_id":"","reference_type":"","scores":[{"value":"0.00359","scoring_system":"epss","scoring_elements":"0.58346","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00359","scoring_system":"epss","scoring_elements":"0.58393","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00359","scoring_system":"epss","scoring_elements":"0.58401","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17438","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17438"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634139","reference_id":"1634139","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634139"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98412?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17438"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e4qy-jb8b-dkgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72285?format=json","vulnerability_id":"VCID-hnkh-k2sk-gqaq","summary":"A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11202.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11202.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11202","reference_id":"","reference_type":"","scores":[{"value":"0.01323","scoring_system":"epss","scoring_elements":"0.80231","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01323","scoring_system":"epss","scoring_elements":"0.80255","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01323","scoring_system":"epss","scoring_elements":"0.80258","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01323","scoring_system":"epss","scoring_elements":"0.80254","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11202"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579946","reference_id":"1579946","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579946"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98394?format=json","purl":"pkg:deb/debian/hdf5@1.10.4%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-11202"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hnkh-k2sk-gqaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72303?format=json","vulnerability_id":"VCID-kpny-jvxd-h7df","summary":"An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13869.json","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13869.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13869","reference_id":"","reference_type":"","scores":[{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68189","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68228","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68236","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13869"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13869","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13869"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1601467","reference_id":"1601467","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1601467"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98398?format=json","purl":"pkg:deb/debian/hdf5@1.10.7%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.7%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-13869"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kpny-jvxd-h7df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72279?format=json","vulnerability_id":"VCID-mkse-aj8h-2fd4","summary":"In HDF5 1.10.1, there is a NULL pointer dereference in the function H5O_pline_decode in the H5Opline.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17505.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17505.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17505","reference_id":"","reference_type":"","scores":[{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63217","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63175","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.6322","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63227","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17505"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524906","reference_id":"1524906","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365","reference_id":"884365","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365"},{"reference_url":"https://usn.ubuntu.com/USN-4817-1/","reference_id":"USN-USN-4817-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4817-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98394?format=json","purl":"pkg:deb/debian/hdf5@1.10.4%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2017-17505"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mkse-aj8h-2fd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72306?format=json","vulnerability_id":"VCID-p78p-43n3-yqgg","summary":"An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13870.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13870.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13870","reference_id":"","reference_type":"","scores":[{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68189","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68228","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68236","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13870"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13870","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13870"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1601468","reference_id":"1601468","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1601468"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98398?format=json","purl":"pkg:deb/debian/hdf5@1.10.7%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.7%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-13870"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p78p-43n3-yqgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72315?format=json","vulnerability_id":"VCID-pmtb-wxmw-2yh2","summary":"An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14460.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14460.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14460","reference_id":"","reference_type":"","scores":[{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68189","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68228","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68236","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14460"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14460","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14460"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1607608","reference_id":"1607608","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1607608"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98397?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-14460"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pmtb-wxmw-2yh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72321?format=json","vulnerability_id":"VCID-qttu-atch-hkcq","summary":"A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17432.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17432.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17432","reference_id":"","reference_type":"","scores":[{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73605","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73641","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73645","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73632","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17432"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17432","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17432"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634115","reference_id":"1634115","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1634115"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98397?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17432"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qttu-atch-hkcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52408?format=json","vulnerability_id":"VCID-ua6h-y2bc-jqdy","summary":"Out-of-bounds Read\nAn issue was discovered in HDF5. A heap-based buffer over-read exists in the function `H5O__layout_decode()` located in `H5Olayout.c`. It allows an attacker to cause Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10811.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10811.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10811","reference_id":"","reference_type":"","scores":[{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62848","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.62891","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.629","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0043","scoring_system":"epss","scoring_elements":"0.6289","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10811"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10811","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10811"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827478","reference_id":"1827478","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1827478"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10811","reference_id":"CVE-2020-10811","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10811"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98397?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2020-10811"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ua6h-y2bc-jqdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72297?format=json","vulnerability_id":"VCID-untx-ks69-4yc3","summary":"An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11206.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11206.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11206","reference_id":"","reference_type":"","scores":[{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73848","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73884","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7389","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73875","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11206"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579960","reference_id":"1579960","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579960"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98397?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2018-11206"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-untx-ks69-4yc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72283?format=json","vulnerability_id":"VCID-uzzm-mpfp-s7gv","summary":"In HDF5 1.10.1, there is a divide-by-zero vulnerability in the function H5T_set_loc in the H5T.c file in libhdf5.a. For example, h5dump would crash when someone opens a crafted hdf5 file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17508.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17508.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17508","reference_id":"","reference_type":"","scores":[{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63102","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6306","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63104","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63112","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17508"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524910","reference_id":"1524910","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524910"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365","reference_id":"884365","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884365"},{"reference_url":"https://usn.ubuntu.com/USN-4817-1/","reference_id":"USN-USN-4817-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4817-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98394?format=json","purl":"pkg:deb/debian/hdf5@1.10.4%2Brepack-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.4%252Brepack-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2017-17508"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uzzm-mpfp-s7gv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72273?format=json","vulnerability_id":"VCID-ycz8-g88h-7fhs","summary":"In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4330.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4330","reference_id":"","reference_type":"","scores":[{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63565","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63608","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63615","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63606","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397701","reference_id":"1397701","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397701"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301","reference_id":"845301","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845301"},{"reference_url":"https://security.gentoo.org/glsa/201701-13","reference_id":"GLSA-201701-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98390?format=json","purl":"pkg:deb/debian/hdf5@1.10.0-patch1%2Bdocs-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.0-patch1%252Bdocs-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98391?format=json","purl":"pkg:deb/debian/hdf5@1.10.6%2Brepack-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-4kz9-zrss-83bx"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-dmz7-rekk-1bax"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kpny-jvxd-h7df"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-p78p-43n3-yqgg"},{"vulnerability":"VCID-pmtb-wxmw-2yh2"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qttu-atch-hkcq"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-ua6h-y2bc-jqdy"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-untx-ks69-4yc3"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.6%252Brepack-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98389?format=json","purl":"pkg:deb/debian/hdf5@1.10.8%2Brepack1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qt2-92gt-f3fk"},{"vulnerability":"VCID-2r6p-322p-37dm"},{"vulnerability":"VCID-5v4u-uu83-sqc8"},{"vulnerability":"VCID-7xfq-w24m-yugw"},{"vulnerability":"VCID-89j8-dfkx-2bhs"},{"vulnerability":"VCID-8aac-7mgq-h7a4"},{"vulnerability":"VCID-8df1-wt32-pqa6"},{"vulnerability":"VCID-8dhg-t7wf-v3ah"},{"vulnerability":"VCID-8jym-e7p3-7qgg"},{"vulnerability":"VCID-adzd-m4tm-v3f8"},{"vulnerability":"VCID-ajuw-pqtu-mygw"},{"vulnerability":"VCID-bhy6-usxm-h7a4"},{"vulnerability":"VCID-c2d5-k2pu-m3ba"},{"vulnerability":"VCID-c54w-b13w-uke7"},{"vulnerability":"VCID-caba-jf2d-yubt"},{"vulnerability":"VCID-d9fr-59ax-vya4"},{"vulnerability":"VCID-e4aq-y2zm-tybp"},{"vulnerability":"VCID-euh2-g5tb-kyc7"},{"vulnerability":"VCID-evc7-d6mz-dqh7"},{"vulnerability":"VCID-g4wu-fszp-sbcp"},{"vulnerability":"VCID-h2q3-ub28-9ygd"},{"vulnerability":"VCID-hguc-e36x-kkfj"},{"vulnerability":"VCID-j2ck-xmvp-h7f7"},{"vulnerability":"VCID-jeu6-8nb9-d3ep"},{"vulnerability":"VCID-jgjd-n5m8-cbbk"},{"vulnerability":"VCID-kx1u-3t7h-tyhb"},{"vulnerability":"VCID-mgev-h4d6-g3c9"},{"vulnerability":"VCID-mkrz-w4u4-tuaj"},{"vulnerability":"VCID-n1ag-bkf2-uyd8"},{"vulnerability":"VCID-n3sz-bxsj-dfbw"},{"vulnerability":"VCID-p3f9-9fu6-cbff"},{"vulnerability":"VCID-ppqc-1vsd-1qg6"},{"vulnerability":"VCID-qr98-8n65-eue6"},{"vulnerability":"VCID-qzz2-61s2-bkca"},{"vulnerability":"VCID-rr9y-73f6-ybab"},{"vulnerability":"VCID-rwu5-z6rj-uye7"},{"vulnerability":"VCID-s161-wyhp-e3hw"},{"vulnerability":"VCID-tba6-aqxs-nqgm"},{"vulnerability":"VCID-td2e-qeam-fucf"},{"vulnerability":"VCID-uhhu-7sbk-gqaf"},{"vulnerability":"VCID-usd5-mpjq-fkgm"},{"vulnerability":"VCID-vaam-cd2s-pkh3"},{"vulnerability":"VCID-vf8n-vse9-4qh3"},{"vulnerability":"VCID-vf9h-vkm4-afgk"},{"vulnerability":"VCID-vn8s-gm5x-eqbd"},{"vulnerability":"VCID-wez5-unzz-kudq"},{"vulnerability":"VCID-wt1r-6349-v7at"},{"vulnerability":"VCID-x85j-52ep-z7a4"},{"vulnerability":"VCID-xnb3-ch5w-d3bt"},{"vulnerability":"VCID-ze1t-z525-n3e2"},{"vulnerability":"VCID-zeyd-2fwn-87bh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98393?format=json","purl":"pkg:deb/debian/hdf5@1.14.5%2Brepack-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.5%252Brepack-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98392?format=json","purl":"pkg:deb/debian/hdf5@1.14.6%2Brepack-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.14.6%252Brepack-2%3Fdistro=trixie"}],"aliases":["CVE-2016-4330"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ycz8-g88h-7fhs"}],"risk_score":"3.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/hdf5@1.10.8%252Brepack1-1%3Fdistro=trixie"}