Bounties
Partners
Community
Info
h5py / h5py
Project repository
HDF5 for Python -- The h5py package is a Pythonic interface to the HDF5 binary data format.
Submit a report
FIRST INTERACTION
WITHIN
N/A DAYS
REVIEW
WITHIN
25 DAYS
FIX
WITHIN
N/A DAYS
Arbitrary file read via HDF5 external storage — crafted .h5 file exfiltrates loc...
Mar 17th 2026
mscgo
•
duplicate
None
Code Injection in h5py IPython Completer
Dec 29th 2025
luffybounty18
•
duplicate
Critical
Out-of-bounds Read in h5py LZF Filter due to Improper Handling of Truncated Inpu...
Mar 15th 2026
n0f4c3-4823
•
duplicate
Medium
Heap Buffer Overflow in LZF Compression Filter bundled with h5py
Mar 6th 2026
anubhavdash
•
pending
Technical Deep Dive: h5py IPython Completer Code Injection Vulnerability
Dec 29th 2025
7908837174
•
duplicate
High
Path Traversal in Dataset Names in h5py
Feb 9th 2026
lau90eth
•
pending
Path Traversal via Malicious HDF5 ExternalLink
Aug 13th 2025
rootsecrettt
•
duplicate
Medium
RCE in h5py via Insecure Tab-Completion Enables Attack Chaining in Multi-User E...
Oct 7th 2025
turtle261
•
pending
ReDoS in `ipy_completer.py`
Sep 28th 2025
harbouroverflow
•
pending
Path Traversal and Arbitrary File Access Vulnerability in h5py File Operations
Aug 13th 2025
jplopezy
•
duplicate
Critical
Path Traversal Vulnerability in h5py Symlink Attack
Mar 11th 2025
willjtools
•
pending
Insecure Temporary File
May 23rd 2024
h2oa
•
not applicable
CRITICAL
$1200
HIGH
$600
MEDIUM
$100
LOW
$15
