Nixpkgs security tracker

Login with GitHub

Suggestions search

Dismissed

Filter by:

With package: hdf5-fortran-mpi

Found 1 matching suggestions

View:

Compact

Detailed

Permalink CVE-2026-26200

7.8 HIGH

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): High (H)
Integrity (I): High (H)
Availability (A): High (H)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): High (H)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): High (H)
Modified Availability (MA): High (H)

updated 3 months ago by @LeSuisse Activity log

Created suggestion 3 months ago
@LeSuisse ignored
4 packages
- haskellPackages.hdf5-lite
- python312Packages.hdf5plugin
- python313Packages.hdf5plugin
- python314Packages.hdf5plugin
3 months ago
@LeSuisse dismissed 3 months ago

HDF5 Affected by H5T__conv_struct_opt Heap Buffer Overflow

HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who can control an `h5` file parsed by HDF5 can trigger a write-based heap buffer overflow condition. This can lead to a denial-of-service condition, and potentially further issues such as remote code execution depending on the practical exploitability of the heap overflow against modern operating systems. Real-world exploitability of this issue in terms of remote-code execution is currently unknown. Version 1.14.4-2 fixes the issue.

References

https://github.com/HDFGroup/hdf5/security/advisories/GHSA-5p2m-j456-9mr2 x_refsource_CONFIRM

Affected products

hdf5

==< 1.14.4-2

Matching in nixpkgs

pkgs.hdf5

Data model, library, and file format for storing and managing data

nixos-unstable 1.14.6
- nixpkgs-unstable 1.14.6
- nixos-unstable-small 1.14.6
nixos-25.11 1.14.6
- nixos-25.11-small 1.14.6
- nixpkgs-25.11-darwin 1.14.6

pkgs.hdf5-cpp

Data model, library, and file format for storing and managing data

nixos-unstable 1.14.6
- nixpkgs-unstable 1.14.6
- nixos-unstable-small 1.14.6
nixos-25.11 1.14.6
- nixos-25.11-small 1.14.6
- nixpkgs-25.11-darwin 1.14.6

pkgs.hdf5-mpi

Data model, library, and file format for storing and managing data

nixos-unstable 1.14.6
- nixpkgs-unstable 1.14.6
- nixos-unstable-small 1.14.6
nixos-25.11 1.14.6
- nixos-25.11-small 1.14.6
- nixpkgs-25.11-darwin 1.14.6

pkgs.hdf5_1_10

Data model, library, and file format for storing and managing data

nixos-unstable 1.10.11
- nixpkgs-unstable 1.10.11
- nixos-unstable-small 1.10.11
nixos-25.11 1.10.11
- nixos-25.11-small 1.10.11
- nixpkgs-25.11-darwin 1.10.11

pkgs.hdf5-blosc

Filter for HDF5 that uses the Blosc compressor

nixos-unstable 1.0.1
- nixpkgs-unstable 1.0.1
- nixos-unstable-small 1.0.1
nixos-25.11 1.0.1
- nixos-25.11-small 1.0.1
- nixpkgs-25.11-darwin 1.0.1

pkgs.hdf5-fortran

Data model, library, and file format for storing and managing data

nixos-unstable 1.14.6
- nixpkgs-unstable 1.14.6
- nixos-unstable-small 1.14.6
nixos-25.11 1.14.6
- nixos-25.11-small 1.14.6
- nixpkgs-25.11-darwin 1.14.6

pkgs.hdf5-threadsafe

Data model, library, and file format for storing and managing data

nixos-unstable 1.14.6
- nixpkgs-unstable 1.14.6
- nixos-unstable-small 1.14.6
nixos-25.11 1.14.6
- nixos-25.11-small 1.14.6
- nixpkgs-25.11-darwin 1.14.6

pkgs.hdf5-fortran-mpi

Data model, library, and file format for storing and managing data

nixos-unstable 1.14.6
- nixpkgs-unstable 1.14.6
- nixos-unstable-small 1.14.6
nixos-25.11 1.14.6
- nixos-25.11-small 1.14.6
- nixpkgs-25.11-darwin 1.14.6

pkgs.pkgsRocm.hdf5-mpi

Data model, library, and file format for storing and managing data

nixos-unstable 1.14.6
- nixpkgs-unstable 1.14.6
- nixos-unstable-small 1.14.6
nixos-25.11 1.14.6
- nixos-25.11-small 1.14.6
- nixpkgs-25.11-darwin 1.14.6

pkgs.haskellPackages.hdf5

Haskell interface to the HDF5 scientific data storage library

nixos-unstable 1.8.15
- nixpkgs-unstable 1.8.15
- nixos-unstable-small 1.8.15
nixos-25.11 1.8.15
- nixos-25.11-small 1.8.15
- nixpkgs-25.11-darwin 1.8.15

pkgs.pkgsRocm.hdf5-fortran-mpi

Data model, library, and file format for storing and managing data

nixos-unstable 1.14.6
- nixpkgs-unstable 1.14.6
- nixos-unstable-small 1.14.6
nixos-25.11 1.14.6
- nixos-25.11-small 1.14.6
- nixpkgs-25.11-darwin 1.14.6

Ignored packages (4)

pkgs.haskellPackages.hdf5-lite

High-level bindings to the HDF5 "lite" interface

nixos-unstable 0.1.1.0
- nixpkgs-unstable 0.1.1.0
- nixos-unstable-small 0.1.1.0
nixos-25.11 0.1.1.0
- nixos-25.11-small 0.1.1.0
- nixpkgs-25.11-darwin 0.1.1.0

pkgs.python312Packages.hdf5plugin

Additional compression filters for h5py

nixos-25.11 hdf5plugin-5.1.0
- nixos-25.11-small hdf5plugin-5.1.0
- nixpkgs-25.11-darwin hdf5plugin-5.1.0

pkgs.python313Packages.hdf5plugin

Additional compression filters for h5py

nixos-unstable hdf5plugin-5.1.0
- nixpkgs-unstable hdf5plugin-5.1.0
- nixos-unstable-small hdf5plugin-5.1.0
nixos-25.11 hdf5plugin-5.1.0
- nixos-25.11-small hdf5plugin-5.1.0
- nixpkgs-25.11-darwin hdf5plugin-5.1.0

pkgs.python314Packages.hdf5plugin

Additional compression filters for h5py

nixos-unstable hdf5plugin-5.1.0
- nixpkgs-unstable hdf5plugin-5.1.0
- nixos-unstable-small hdf5plugin-5.1.0

Package maintainers

@markuskowa Markus Kowalewski <markus.kowalewski@gmail.com>
@bhipple Benjamin Hipple <bhipple@protonmail.com>
@stephen-huan Stephen Huan <stephen.huan@cgdct.moe>

Current stable was never impacted

https://github.com/NixOS/nixpkgs/commit/16478834f4c19c2b3df99b7e130f7df89215ef0e

1