Lucene search

CVE-2022-21126

🗓️ 29 Nov 2022 17:11:15Reported by snykType

The package com.github.samtools:htsjdk before 3.0.1 has insecure permissions for creating temporary files

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
UbuntuCve	CVE-2022-21126	29 Nov 202200:00	–	ubuntucve
Github Security Blog	HTSJDK is vulnerable to exposure of resource(s) to the wrong sphere	29 Nov 202218:30	–	github
Cvelist	CVE-2022-21126 Creation of Temporary File in Directory with Insecure Permissions	29 Nov 202216:50	–	cvelist
Prion	Directory traversal	29 Nov 202217:15	–	prion
OSV	HTSJDK is vulnerable to exposure of resource(s) to the wrong sphere	29 Nov 202218:30	–	osv
OSV	CVE-2022-21126	29 Nov 202217:15	–	osv
CNVD	samtools htsjdk license issue vulnerability	1 Dec 202200:00	–	cnvd
NVD	CVE-2022-21126	29 Nov 202217:15	–	nvd
Veracode	Information Disclosure	1 Dec 202215:16	–	veracode

Nvd

Node

samtools htsjdkRange<3.0.1

[
  {
    "vendor": "n/a",
    "product": "com.github.samtools:htsjdk",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "3.0.1",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
security	www.security.snyk.io/vuln/SNYK-JAVA-COMGITHUBSAMTOOLS-3149901
github	www.github.com/samtools/htsjdk/pull/1617
github	www.github.com/samtools/htsjdk/commit/4a4024a97ee3e87096df6ad9b22c8260bd527772

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Nov 2022 17:15Current

7.2High risk

Vulners AI Score7.2

CVSS37.3 - 7.8

EPSS0.00048

CWE-668