Bugzilla – Bug 1202622
VUL-0: CVE-2022-26061: hdf5: heap-based buffer overflow vulnerability in the gif2h5 functionality
Last modified: 2022-09-07 07:18:29 UTC
A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of
HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code
execution. An attacker can provide a malicious file to trigger this
From the version numbers all SUSE related packages seam to be clear.
There is no direct reference to a patch or git commit. We will leave the bug report open to check the correctness.
Not affected since we don't ship the GIF tools. Closing.