DEBIAN-CVE-2018-13870

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2018-13870
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2018-13870.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2018-13870
Upstream
Published
2018-07-10T21:29:00.450Z
Modified
2025-11-14T04:02:39.472919Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Olinkdecode in H5Olink.c.

References

Affected packages

Debian:11 / hdf5

Package

Name
hdf5
Purl
pkg:deb/debian/hdf5?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.10.6+repack-4
1.10.6+repack-4+deb11u1
1.10.6+repack-5
1.10.7+repack-1
1.10.7+repack-2
1.10.7+repack-3
1.10.7+repack-4
1.10.8+repack-1
1.10.8+repack-2
1.10.8+repack-3
1.10.8+repack-4
1.10.8+repack1-1
1.10.10+repack-1
1.10.10+repack-2
1.10.10+repack-3
1.10.10+repack-3.1
1.10.10+repack-3.2
1.10.10+repack-3.2+ports
1.10.10+repack-3.3
1.10.10+repack-4
1.10.10+repack-5
1.12.0+repack-1~exp1
1.12.0+repack-1~exp2
1.12.2+repack-1~exp1
1.14.3+repack-1~exp1
1.14.3+repack1-1~exp2
1.14.3+repack1-1~exp3
1.14.4.3+repack-1~exp1
1.14.4.3+repack-1~exp2
1.14.4.3+repack-1~exp3
1.14.5+repack-1~exp1
1.14.5+repack-1~exp2
1.14.5+repack-1~exp3
1.14.5+repack-1~exp4
1.14.5+repack-1~exp5
1.14.5+repack-1~exp6
1.14.5+repack-1
1.14.5+repack-2
1.14.5+repack-3~exp1
1.14.5+repack-3~exp2
1.14.5+repack-3~exp3
1.14.5+repack-3~exp4
1.14.5+repack-3
1.14.5+repack-3.1
1.14.5+repack-4~exp1
1.14.5+repack-4~exp2
1.14.5+repack-4
1.14.5+repack-5~exp2
1.14.5+repack-5~exp3
1.14.6+repack-1~exp1
1.14.6+repack-1~exp2
1.14.6+repack-1~exp3
1.14.6+repack-1~exp4
1.14.6+repack-1~exp5
1.14.6+repack-1~exp6
1.14.6+repack-1~exp7
1.14.6+repack-1~exp8
1.14.6+repack-1~exp9
1.14.6+repack-1~exp10
1.14.6+repack-1~exp11
1.14.6+repack-1~exp12
1.14.6+repack-1~exp13
1.14.6+repack-1~exp14
1.14.6+repack-1~exp15
1.14.6+repack-1~exp16
1.14.6+repack-1~exp17

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2018-13870.json"

Debian:12 / hdf5

Package

Name
hdf5
Purl
pkg:deb/debian/hdf5?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.10.7+repack-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2018-13870.json"

Debian:13 / hdf5

Package

Name
hdf5
Purl
pkg:deb/debian/hdf5?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.10.7+repack-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2018-13870.json"

Debian:14 / hdf5

Package

Name
hdf5
Purl
pkg:deb/debian/hdf5?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.10.7+repack-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2018-13870.json"