CVE-2018-13844

An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c. NOTE: This has been disputed with the assertion that this vulnerability exists in the test harness and HTSlib users would be aware of the need to destruct this object returned by fai_load() in their own code
Configurations

Configuration 1 (hide)

cpe:2.3:a:htslib:htslib:1.8:*:*:*:*:*:*:*

History

21 Nov 2024, 03:48

Type Values Removed Values Added
References () https://github.com/samtools/htslib/issues/731#issuecomment-403675330 - Third Party Advisory () https://github.com/samtools/htslib/issues/731#issuecomment-403675330 - Third Party Advisory

07 Nov 2023, 02:52

Type Values Removed Values Added
Summary ** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c. NOTE: This has been disputed with the assertion that this vulnerability exists in the test harness and HTSlib users would be aware of the need to destruct this object returned by fai_load() in their own code. An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c. NOTE: This has been disputed with the assertion that this vulnerability exists in the test harness and HTSlib users would be aware of the need to destruct this object returned by fai_load() in their own code

Information

Published : 2018-07-10 18:29

Updated : 2024-11-21 03:48


NVD link : CVE-2018-13844

Mitre link : CVE-2018-13844

CVE.ORG link : CVE-2018-13844


JSON object : View

Products Affected

htslib

  • htslib
CWE
CWE-401

Missing Release of Memory after Effective Lifetime