[SECURITY] Fedora 42 Update: htslib-1.23.1-1.fc42

HTSlib is an implementation of a unified C library for accessing common file formats, such as SAM, CRAM and VCF, used for high-throughput sequencing data, and is the core library used by samtools and bcftools...

[SECURITY] Fedora 42 Update: bcftools-1.23.1-1.fc42

BCFtools is a set of utilities that manipulate genomic variant calls in the Variant Call Format VCF and its binary counterpart BCF. All commands work transparently with both VCFs and BCFs, both uncompressed and BGZF-compressed. This BCFtools includes the polysomy subcommand, which is implemented...

[SECURITY] Fedora 43 Update: bcftools-1.23.1-1.fc43

BCFtools is a set of utilities that manipulate genomic variant calls in the Variant Call Format VCF and its binary counterpart BCF. All commands work transparently with both VCFs and BCFs, both uncompressed and BGZF-compressed. This BCFtools includes the polysomy subcommand, which is implemented...

[SECURITY] Fedora 43 Update: htslib-1.23.1-1.fc43

HTSlib is an implementation of a unified C library for accessing common file formats, such as SAM, CRAM and VCF, used for high-throughput sequencing data, and is the core library used by samtools and bcftools...

[SECURITY] Fedora 44 Update: bcftools-1.23.1-1.fc44

BCFtools is a set of utilities that manipulate genomic variant calls in the Variant Call Format VCF and its binary counterpart BCF. All commands work transparently with both VCFs and BCFs, both uncompressed and BGZF-compressed. This BCFtools includes the polysomy subcommand, which is implemented...

scout 路径遍历漏洞

scout is analyzing VCF and collaborating to solve rare diseases faster. A security vulnerability exists in versions prior to scout version 4.52 that stems from an endfile call that can lead to path traversal...

The vulnerability of the vcf_parse_format function in the library allows access to common file formats used by HTSlib. This enables attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the vcfparseformat function in the library, which allows access to common file formats in HTSlib, lies in the check that only individual fields have excessive sizes. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity...

UBUNTU-CVE-2020-36403

HTSlib through 1.10.2 allows out-of-bounds write access in vcfparseformat called from vcfparse and vcfread...

HTSlib 缓冲区错误漏洞

HTSlib is a library file for the C language. A buffer error vulnerability exists in HTSlib versions 1.10 through 1.10.2, which stems from the program allowing out-of-bounds write access to the vcf parsing format...

The vulnerability of the header::add_INFO_descriptor function in the VCF file handling package VCFtools allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the header::addINFOdescriptor function in the VCF file handling library VCFtools relates to reading data beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information through a specially created vcf fi...

UBUNTU-CVE-2019-1010127

VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact eg. code execution or information disclosure. The component is: The header::addFILTERdescriptor method in header.cpp. The attack vector is: The victim must open a...

USN-3974-1 VCFtools vulnerabilities

It was discovered that VCFtools improperly handled certain input. If a user was tricked into opening a crafted input file, VCFtools could be made to crash. CVE-2018-11099, CVE-2018-11129, CVE-2018-11130...

DEBIAN-CVE-2018-11099

The header::addINFOdescriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure heap-based buffer over-read via a crafted vcf file...