Godlovevampire

**Name of the Vulnerable Software and Affected Versions** HDF5 version 1.10.4 **Description** The issue allows remote attackers to run arbitrary code via the creation of a crafted file, exploiting a Buffer Overflow vulnerability in the `H5S close` function in `H5S.c`. **Recommendations** For HDF5 version 1.10.4, consider disabling the `H5S close` function as a temporary workaround until a patch is available. Restrict access to crafted files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HDF5 version 1.10.4 **Description** An issue was discovered in the HDF5 library, where there is an out of bounds read in the function `H5VM memcpyvv` in `H5VM.c` when called from `H5D compact readvv` in `H5Dcompact.c`. **Recommendations** For version 1.10.4, consider updating to a newer version that contains a fix for this issue, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HDF5 version 1.10.4 **Description** An issue was discovered in the HDF5 library, where there is an out of bounds read in the function `H5MM xstrdup` in `H5MM.c` when called from `H5O dtype decode helper` in `H5Odtype.c`. **Recommendations** For version 1.10.4, consider applying a patch or fix to address the out of bounds read issue in the `H5MM xstrdup` function. As a temporary workaround, consider restricting access to the `H5MM xstrdup` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** HDF5 versions prior to 1.10.5 **Description** A buffer overflow issue in the HDF5 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file. **Recommendations** For versions prior to 1.10.5, update to version 1.10.5 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted HDF5 files that may trigger the buffer overflow. Restrict access to sensitive areas where such files may be processed to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** HDF5 version 1.10.4 **Description** An issue was discovered in the HDF5 library, where there is an out of bounds read in the function `H5T close real` in `H5T.c`. **Recommendations** For version 1.10.4, consider updating to a newer version that contains a fix for this issue, however at the moment there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HDF5 version 1.10.4 **Description** An issue was discovered in the HDF5 library, where there is an out of bounds read in the function `H5T get size` in `H5T.c`. **Recommendations** For version 1.10.4, consider updating to a newer version that contains a fix for this issue, however at the moment, there is no information about a newer version that contains a fix for this vulnerability.