EUVD-2022-7293

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-21126

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir...

Information Disclosure

htsjdk is vulnerable to information disclosure. The vulnerability exists in createTempDir function of IOUtil.java because the information in this directory is visible to other local users which allows an attacker to view sensitive files and hijack the directories to manipulate contents escalating...

samtools htsjdk license issue vulnerability

htsjdk is a samtools open source a Java API for high-throughput sequencing data HTS format . An authorization issue exists in htsjdk 3.0.1 and earlier versions com.github.samtools.The vulnerability is due to the createTempDir function in util/IOUtil, which creates a temporary file in a directory...

HTSJDK is vulnerable to exposure of resource(s) to the wrong sphere

The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it...

au.csiro.aehrc.variant-spark:variant-spark_2.11 (=0.1.0), bio.ferlab:datalake-commons_2.12 (>=0.1.0 <=13.0.0) +259 more potentially affected by CVE-2022-21126 via com.github.samtools:htsjdk (>=1.128 <=3.0.0)

com.github.samtools:htsjdk MAVEN version =1.128, =0.1.0, =0.0.1, =0.0.21, =0.1.0, =0.1.0, =0.0.26, =0.1.0, =0.1.3, =1.0.0, =0.1.0, =0.1.3, =1.0.0, =0.1.0, =0.1.3, =0.3.0 and more Source cves: CVE-2022-21126 Source advisory: OSV:GHSA-96VH-4RFP-C42C...

CVE-2022-21126

The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it...

UBUNTU-CVE-2022-21126

The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it...

CVE-2022-21126

CVE-2022-21126 affects the Java API library com.github.samtools:htsjdk prior to 3.0.1. The root cause is in util/IOUtil.java: createTempDir() does not verify the existence of the temporary directory before attempting to create it, enabling creation of a temporary file in a directory with insecure...

CVE-2022-21126 Creation of Temporary File in Directory with Insecure Permissions

The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it...

PT-2022-14866 · Htsjdk · Htsjdk

Name of the Vulnerable Software and Affected Versions: com.github.samtools:htsjdk versions prior to 3.0.1 Description: The issue arises from the createTempDir function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it, leading to the...

com.github.broadinstitute:picard (>=2.27.3 <=2.27.4), org.gorpipe:gor-drivers (>=4.1.2 <=4.3.2) +4 more potentially affected by CVE-2022-21126 via com.github.samtools:htsjdk (=3.0.0)

com.github.samtools:htsjdk MAVEN version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on com.github.samtools:htsjdk and may be impacted: - com.github.broadinstitute:picard =2.27.3, =4.1.2, =4.3.1, =4.1.2, =4.1.2, =3.10.1, =4.2.9 Source cves:...

Creation of Temporary File in Directory with Insecure Permissions

Overview com.github.samtools:htsjdk is a Java API for high-throughput sequencing data HTS formats Affected versions of this package are vulnerable to Creation of Temporary File in Directory with Insecure Permissions. due to the createTempDir function in util/IOUtil.java not checking for the...