CVE-2018-14329

Severity CVSS v4.0:
Pending analysis
Type:
CWE-59 Link Following
Publication date:
17/07/2018
Last modified:
17/06/2026

Description

In HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:htslib:htslib:1.8:*:*:*:*:*:*:*