HCE2-SA-2023-0193 Critical HCE 2.0 Security Fix(es): Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c. (CVE-2021-37501) An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c. (CVE-2018-13867) An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c. (CVE-2018-16438) An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c. (CVE-2018-14031) An issue was discovered in HDF5 through 1.12.0. A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c. It allows an attacker to cause Denial of Service. (CVE-2020-10812) A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2." (CVE-2019-8396) HCE 2.0 hdf5-1.10.8-1.hce2.aarch64.rpm hdf5-devel-1.10.8-1.hce2.aarch64.rpm hdf5-mpich-1.10.8-1.hce2.aarch64.rpm hdf5-mpich-devel-1.10.8-1.hce2.aarch64.rpm hdf5-mpich-static-1.10.8-1.hce2.aarch64.rpm hdf5-openmpi-1.10.8-1.hce2.aarch64.rpm hdf5-openmpi-devel-1.10.8-1.hce2.aarch64.rpm hdf5-openmpi-static-1.10.8-1.hce2.aarch64.rpm hdf5-1.10.8-1.hce2.x86_64.rpm hdf5-devel-1.10.8-1.hce2.x86_64.rpm hdf5-mpich-1.10.8-1.hce2.x86_64.rpm hdf5-mpich-devel-1.10.8-1.hce2.x86_64.rpm hdf5-mpich-static-1.10.8-1.hce2.x86_64.rpm hdf5-openmpi-1.10.8-1.hce2.x86_64.rpm hdf5-openmpi-devel-1.10.8-1.hce2.x86_64.rpm hdf5-openmpi-static-1.10.8-1.hce2.x86_64.rpm