Download
| Alert*
oval:org.secpod.oval:def:2000652
samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution oval:org.secpod.oval:def:603738 libhts-dev is installed oval:org.secpod.oval:def:2000462 In HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack. oval:org.secpod.oval:def:2000097 An issue has been found in HTSlib 1.8. It is a buffer over-read in sam_parse1 in sam.c. oval:org.secpod.oval:def:2000639 ** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer"s position is that the "failure to free memory" can be fixed in applications that use the HTSlib library and is not a library issue. oval:org.secpod.oval:def:2001605 An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c. |