Arbitrary Code Execution Vulnerability in HDF5 1.8.16 Library's H5Z_NBIT Decoding

Arbitrary Code Execution Vulnerability in HDF5 1.8.16 Library's H5Z_NBIT Decoding

CVE-2016-4331 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution.

Learn more about our Cis Benchmark Audit For F5.