CVE-2026-31966

EPSS 0.52%
Veröffentlicht 18.03.2026 18:58:47
Zuletzt bearbeitet 19.03.2026 14:44:04
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

HTSlib CRAM reader has out-of-bounds read due to improper validation of input

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. As one method of removing redundant data, CRAM uses reference-based compression so that instead of storing the full sequence for each alignment record it stores a location in an external reference sequence along with a list of differences to the reference at that location as a sequence of "features". When decoding CRAM records, the reference data is stored in a char array, and parts matching the alignment record sequence are copied over as necessary. Due to insufficient validation of the feature data series, it was possible to make the `cram_decode_seq()` function copy data from either before the start, or after the end of the stored reference either into the buffer used to store the output sequence for the cram record, or into the buffer used to build the SAM `MD` tag.  This allowed arbitrary data to be leaked to the calling function. This bug may allow information about program state to be leaked.  It may also cause a program crash through an attempt to access invalid memory. Versions 1.23.1, 1.22.2 and 1.21.1 include fixes for this issue. There is no workaround for this issue.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 7

NVD 3 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Htslib ≫ Htslib Version < 1.21.1

Htslib ≫ Htslib Version >= 1.22 < 1.22.2

Htslib ≫ Htslib Version1.23

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.52%	0.398

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
security-advisories@github.com	6.9	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-129 Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

https://github.com/samtools/htslib/security/advisories/GHSA-5cj8-mj52-8vp3

Patch

Vendor Advisory

https://github.com/samtools/htslib/commit/22ec5230ef95769ab009420da69568c7e530af28

Patch

https://github.com/samtools/htslib/commit/2a45eb129d703ad27f9fabc8169f0e94d3c69fa3

Patch

https://github.com/samtools/htslib/commit/4a5ef25eb1fb3d64438103316fffe423b2c3f5f4

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-31966

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-31966

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-31966

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-31966