Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-1010127

Опубликовано: 25 июл. 2019
Источник: debian
EPSS Низкий

Описание

VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
vcftoolsfixed0.1.16-1package
vcftoolsfixed0.1.14+dfsg-4+deb9u1stretchpackage
vcftoolsfixed0.1.12+dfsg-1+deb8u1jessiepackage

Примечания

  • https://github.com/vcftools/vcftools/commit/00a5b615a61054f23c01a04ebb6790a55029f695 (v0.1.16)

  • https://github.com/vcftools/vcftools/commit/e94e2992e2c0f4cc95864a42fe470c040f95712e (v0.1.16)

  • https://github.com/vcftools/vcftools/commit/d657d60e37f5d705f9dbb578b516db6e420fb424 (v0.1.16)

  • https://github.com/vcftools/vcftools/commit/f6453c581b8113053a25689226920f7ded2e8270 (fix for typo in warning log message))

  • CVE-2019-1010127 is a different issue than CVE-2018-11099, CVE-2018-11129 and

  • CVE-2018-11130 but covered with same set of upstream commits.

EPSS

Процентиль: 70%
0.00627
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2019-1010127

CVSS3: 7.8
ubuntu
больше 6 лет назад

VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file.

nvd логотип

CVE-2019-1010127

CVSS3: 7.8
nvd
больше 6 лет назад

VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file.

github логотип

GHSA-rw6f-42g4-c764

CVSS3: 7.8
github
больше 3 лет назад

VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file.

EPSS

Процентиль: 70%
0.00627
Низкий