CVE-2018-14035 (https://nvd.nist.gov/vuln/detail/CVE-2018-14035): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c. CVE-2018-14034 (https://nvd.nist.gov/vuln/detail/CVE-2018-14034): An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c. CVE-2018-14033 (https://nvd.nist.gov/vuln/detail/CVE-2018-14033): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy. CVE-2018-14032 (https://nvd.nist.gov/vuln/detail/CVE-2018-14032): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_new_decode in H5Ofill.c, related to HDmemcpy. CVE-2018-14031 (https://nvd.nist.gov/vuln/detail/CVE-2018-14031): An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.
Seems like PoCs are public, but need to comb through them to see if any were ever fixed. https://github.com/TeamSeri0us/pocs/tree/master/hdf5
