RSS   Podatności dla 'Htslib'   RSS

2018-07-16
 
CVE-2018-14329

CWE-59
 

 
In HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack.

 
2018-07-10
 
CVE-2018-13845

CWE-125
 

 
An issue has been found in HTSlib 1.8. It is a buffer over-read in sam_parse1 in sam.c.

 
 
CVE-2018-13844

CWE-772
 

 
An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c.

 
 
CVE-2018-13843

CWE-772
 

 
** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue.

 
2017-11-17
 
CVE-2017-1000206

CWE-119
 

 
samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution

 


Copyright 2024, cxsecurity.com

 

Back to Top