CVE-2016-4331

Name of the Vulnerable Software and Affected Versions HDF5 version 1.8.16

Description The issue arises when decoding data from a dataset encoded with the H5Z NBIT decoding in the HDF5 library, leading to a failure in ensuring that the precision is within the bounds of the size. This can result in arbitrary code execution.

Recommendations For HDF5 version 1.8.16, consider updating to a newer version that addresses this issue, as the current version fails to ensure precision bounds when decoding data with H5Z NBIT, potentially leading to arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.