CVE-2018-13843

Опубликовано: 10 июл. 2018

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue

Ссылки

https://github.com/samtools/htslib/issues/731#issue-339662537
Exploit
Patch
Third Party Advisory
https://github.com/samtools/htslib/issues/731#issue-339662537
Exploit
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:htslib:htslib:1.8:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00366

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-772

Связанные уязвимости

CVE-2018-13843

CVSS3: 7.5

ubuntu

больше 7 лет назад

CVE-2018-13843

CVSS3: 7.5

debian

больше 7 лет назад

An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_get ...

GHSA-fqfp-r4jq-mf88

CVSS3: 7.5

github

больше 3 лет назад

** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue.

EPSS

Процентиль: 58%

0.00366

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-772