5 matches found
CVE-2026-31965
A flaw was found in HTSlib, a library for reading and writing bioinformatics file formats. This vulnerability, an out-of-bounds read, occurs in the cramdecodeslice function when processing CRAM Compressed Reference-oriented Alignment Map records due to delayed validation of the reference ID field...
UBUNTU-CVE-2026-31965
HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the cramdecodeslice function called while reading CRAM records, validation of the reference id field occurred too late, allowing two out of bounds read...
CVE-2026-31965
In HTSlib, the vulnerability (CVE-2026-31965) affects the CRAM decoding path, specifically cram_decode_slice() where reference-id validation occurs too late. This permits two out-of-bounds reads and may leak two values to the caller; the program may also crash from invalid memory access. Fixed ve...
CVE-2026-31965 HTSlib CRAM reader has out-of-bounds reads due to improper validation of input
HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the cramdecodeslice function called while reading CRAM records, validation of the reference id field occurred too late, allowing two out of bounds read...
CVE-2026-31965
HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the cramdecodeslice function called while reading CRAM records, validation of the reference id field occurred too late, allowing two out of bounds read...