htslib 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に バッファオーバーフロー and vendor risk memory corruption などに関し、一部は ファイル上書き を招き、vendor surface production workloads and vendor surface software deployment 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-31971 | HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the `BYTE_ARRAY_LEN` method, the `cram_byte_array_len_decode()` failed to validate that the amount of data being unpacked matched the size of the output buffer where it was to be stored. Depending on the data series being read, this could result either in a heap or a stac | [email protected] | 7.1 | 0.09% | 2026-03-18 | 2026-03-19 |
| CVE-2026-31970 | HTSlib is a library for reading and writing bioinformatics file formats. GZI files are used to index block-compressed GZIP [BGZF] files. In the GZI loading function, `bgzf_index_load_hfile()`, it was possible to trigger an integer overflow, leading to an under- or zero-sized buffer being allocated to store the index. Sixteen zero bytes would then be written to this buffer, and, depending on the result of the overflow the rest of the file may also be loaded into the buffer as well. If the func | [email protected] | 7.1 | 0.05% | 2026-03-18 | 2026-03-19 |
| CVE-2026-31969 | HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the `BYTE_ARRAY_STOP` method, an out-by-one error in the `cram_byte_array_stop_decode_char()` function check for a full output buffer could result in a single attacker-controlled byte being written beyond the end of a heap allocation. Exploiting this bug causes a heap bu | [email protected] | 7.1 | 0.05% | 2026-03-18 | 2026-03-19 |
| CVE-2026-31968 | HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. For the `VARINT` and `CONST` encodings, incomplete validation of the context in which the encodings were used could result in up to eight bytes being written beyond the end of a heap allocation, or up to eight bytes being written to the location of a one byte variable on the stack, possibly causing the | [email protected] | 8.8 | 0.02% | 2026-03-18 | 2026-03-19 |
| CVE-2026-31967 | HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the `cram_decode_slice()` function called while reading CRAM records, the value of the mate reference id field was not validated. Later use of this value, for example when converting the data to SAM format, could result in the out of bounds array reads when looking up the corresponding reference name. If the array value obtained also happened to be a v | [email protected] | 6.9 | 0.01% | 2026-03-18 | 2026-03-19 |
| CVE-2026-31966 | HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. As one method of removing redundant data, CRAM uses reference-based compression so that instead of storing the full sequence for each alignment record it stores a location in an external reference sequence along with a list of differences to the reference at that location as a sequence of "features". When decoding CRAM records, the reference data is store | [email protected] | 6.9 | 0.01% | 2026-03-18 | 2026-03-19 |
| CVE-2026-31965 | HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the `cram_decode_slice()` function called while reading CRAM records, validation of the reference id field occurred too late, allowing two out of bounds reads to occur before the invalid data was detected. The bug does allow two values to be leaked to the caller, however as the function reports an error it may be difficult to exploit them. It is also p | [email protected] | 6.9 | 0.02% | 2026-03-18 | 2026-03-19 |
| CVE-2026-31964 | HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. While most alignment records store DNA sequence and quality values, the format also allows them to omit this data in certain cases to save space. Due to some quirks of the CRAM format, it is necessary to handle these records carefully as they will actually store data that needs to be consumed and then | [email protected] | 6.9 | 0.06% | 2026-03-18 | 2026-03-19 |
| CVE-2026-31963 | HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. As one method of removing redundant data, CRAM uses reference-based compression so that instead of storing the full sequence for each alignment record it stores a location in an external reference sequence along with a list of differences to the reference at that location as a sequence of "features". When decoding these features, an out-by-one error in a | [email protected] | 8.8 | 0.05% | 2026-03-18 | 2026-03-19 |
| CVE-2026-31962 | HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. While most alignment records store DNA sequence and quality values, the format also allows them to omit this data in certain cases to save space. Due to some quirks of the CRAM format, it is necessary to handle these records carefully as they will actually store data that needs to be consumed and then discarded. Unfortunately the `cram_decode_seq()` did n | [email protected] | 8.8 | 0.08% | 2026-03-18 | 2026-03-19 |
| CVE-2020-36403 | HTSlib through 1.10.2 allows out-of-bounds write access in vcf_parse_format (called from vcf_parse and vcf_read). | [email protected] | 8.8 | 0.45% | 2021-07-01 | 2024-11-21 |
| CVE-2018-14329 | In HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack. | [email protected] | 4.7 | 0.04% | 2018-07-17 | 2024-11-21 |
| CVE-2018-13845 | An issue has been found in HTSlib 1.8. It is a buffer over-read in sam_parse1 in sam.c. | [email protected] | 9.8 | 0.44% | 2018-07-10 | 2024-11-21 |
| CVE-2018-13844 | An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c. NOTE: This has been disputed with the assertion that this vulnerability exists in the test harness and HTSlib users would be aware of the need to destruct this object returned by fai_load() in their own code | [email protected] | 7.5 | 0.37% | 2018-07-10 | 2024-11-21 |
| CVE-2018-13843 | An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue | [email protected] | 7.5 | 0.37% | 2018-07-10 | 2024-11-21 |
| CVE-2017-1000206 | samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execution | [email protected] | 9.8 | 0.63% | 2017-11-17 | 2026-05-13 |