Vulnerabilities > CVE-2018-13876 - Out-of-bounds Write vulnerability in Hdfgroup Hdf5 1.8.20

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

hdfgroup

CWE-787

critical

NVD

Published: 2018-07-10

Updated: 2020-08-24

Summary

An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDread.

Vulnerable Configurations

Part	Description	Count
Application	Hdfgroup Hdfgroup Hdf5 1.8.20	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/TeamSeri0us/pocs/tree/master/hdf5