CVE-2018-14329

In HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack.
References
Link Resource
https://github.com/samtools/htslib/issues/736 Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:htslib:htslib:1.8:*:*:*:*:*:*:*

Information

Published : 2018-07-16 19:29

Updated : 2019-09-18 07:21


NVD link : CVE-2018-14329

Mitre link : CVE-2018-14329


JSON object : View

CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Advertisement

dedicated server usa

Products Affected

htslib

  • htslib