repository icon
h5py / h5py Project repository

HDF5 for Python -- The h5py package is a Pythonic interface to the HDF5 binary data format.

Submit a report

FIRST INTERACTION

WITHINN/A DAYS

REVIEW

WITHIN26 DAYS

FIX

WITHINN/A DAYS

NULL pointer dereference in libhdf5 attribute read path triggered by malformed v...
eunhokim98
duplicate
Medium
h5py opaque dtype decoding allows object pointer memory corruption
pragnyanramtha
duplicate
High
Denial of Service (DoS) via Uncontrolled Memory Allocation (OOM) when Parsing C...
m0oo0ry
self closed
Arbitrary file read via HDF5 external storage — crafted .h5 file exfiltrates loc...
mscgo
duplicate
None
Integer Overflow in HDF5 Chunk Size Calculation Causes Heap Buffer Overflow via...
jdhart81
pending
Type Confusion via Crafted Opaque Tag Corrupts Memory When Reading HDF5 Files
alrightryanx
duplicate
High
OOM DoS via unbounded dataset shape in HDF5 file reads
scottcjn
duplicate
Medium
LZF Filter Decompression Bomb — Denial of Service via Unbounded Memory Allocatio...
moonster8282
pending
Denial of Service via HDF5 Compression Bomb — Unchecked Memory Allocation from A...
lrtk-coder
pending
Unvalidated NUMPY: opaque tag in h5t.pyx leads to memory corruption and process...
lrtk-coder
pending
Code Injection in h5py IPython Completer
luffybounty18
duplicate
Critical
Out-of-bounds Read in h5py LZF Filter due to Improper Handling of Truncated Inpu...
n0f4c3-4823
duplicate
Medium
Heap Buffer Overflow in LZF Compression Filter bundled with h5py
anubhavdash
pending
Technical Deep Dive: h5py IPython Completer Code Injection Vulnerability
7908837174
duplicate
High
Path Traversal in Dataset Names in h5py
lau90eth
pending
Path Traversal via Malicious HDF5 ExternalLink
rootsecrettt
duplicate
Medium
RCE in h5py via Insecure Tab-Completion Enables Attack Chaining in Multi-User E...
turtle261
pending
ReDoS in `ipy_completer.py`
harbouroverflow
pending
Path Traversal and Arbitrary File Access Vulnerability in h5py File Operations
jplopezy
duplicate
Critical
Path Traversal Vulnerability in h5py Symlink Attack
willjtools
pending
Insecure Temporary File
h2oa
not applicable
huntr: h5py/h5py