5
CVSSv2

CVE-2018-13843

Published: 10/07/2018 Updated: 03/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue.

Vulnerability Trend

Affected Products

Vendor Product Versions
HtslibHtslib1.8

Github Repositories

EnFuzzer Tool for ensemble fuzzing, it works across most Linux distributions So far, Enfuzzer has passed all the testcases and worked well on ubuntu, archlinux, centos, debian, fedora, gentoo and opensuse The latest version of enfuzzer was moved to wingtechercom/Enfuzz/ The detail use of Enfuzz Server can be found in githubcom/131250106/enfuzzer/tree/master