6 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-36403
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTSlib through 1.10.2 allows out-of-bounds write access in vcfparseformat called from vcfparse and vcfread. CVE-2020-36403 Note that Nessus relies on the presen...
OESA-2022-1962 htslib security update
HTSlib is an implementation of a unified C library for accessing common file formats, such as SAM, CRAM and VCF, used for high-throughput sequencing data, and is the core library used by samtools and bcftools. HTSlib only depends on zlib. It is known to be compatible with gcc, g++ and clang. HTSl...
openSUSE: Security Advisory for libhts (openSUSE-SU-2021:1177-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE 15 Security Update : libhts (openSUSE-SU-2021:1177-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1177-1 advisory. - HTSlib 1.10 through 1.10.2 allows out-of-bounds write access in vcfparseformat called from vcfparse and vcfread. CVE-2020-36403 Note that Nessus h...
OPENSUSE-SU-2021:1177-1 Security update for libhts
This update of libhts fixes the following security issue: - CVE-2020-36403: Fixed an out-of-bounds write access in vcfparseformat bsc1187917...
CVE-2020-36403
HTSlib up to version 1.10.2 is affected by CVE-2020-36403, which enables an out-of-bounds write in vcf_parse_format (invoked by vcf_parse and vcf_read). The issue is present in HTSlib’s handling of VCF parsing, with impact described as out-of-bounds write. Several connected sources confirm the vu...