Browse all 3 CVE security advisories affecting HDF5 Group. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The HDF5 Group develops and maintains the HDF5 data model, format, and software library for managing complex scientific and engineering data. Historically, their software has been vulnerable to remote code execution, buffer overflows, and denial-of-service attacks, often stemming from improper input validation and memory management issues. While no major security incidents have been widely reported, the three CVEs on record highlight potential risks in parsing malformed files and insufficient bounds checking. The library's widespread use in high-stakes environments underscores the importance of addressing these vulnerabilities, particularly as attackers increasingly target scientific software supply chains.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-26061 | HDF5 Group libhdf5 缓冲区错误漏洞 — libhdf5CWE-122 | 7.8 | - | 2022-08-22 |
| CVE-2022-25972 | HDF5 Group libhdf5缓冲区错误漏洞 — libhdf5CWE-787 | 7.8 | - | 2022-08-22 |
| CVE-2022-25942 | HDF5 Group libhdf5 缓冲区错误漏洞 — libhdf5CWE-125 | 7.8 | - | 2022-08-22 |
This page lists every published CVE security advisory associated with HDF5 Group. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.