vulnerability

Debian: CVE-2016-4333: hdf5 -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:M/Au:N/C:C/I:C/A:C)	Nov 18, 2016	Dec 1, 2016	Mar 30, 2026

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:C/A:C)

Published

Nov 18, 2016

Added

Dec 1, 2016

Modified

Mar 30, 2026

Description

The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the array when initializing it.

Solution

debian-upgrade-hdf5

References

CVE-2016-4333
https://attackerkb.com/topics/CVE-2016-4333
CWE-119
DEBIAN-DLA-771-1
DEBIAN-DSA-3727
EUVD-EUVD-2016-5333
https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-5333

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today