Search criteria
12 vulnerabilities found for vcftools by vcftools_project
FKIE_CVE-2019-1010127
Vulnerability from fkie_nvd - Published: 2019-07-25 19:15 - Updated: 2024-11-21 04:17
Severity ?
Summary
VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vcftools_project | vcftools | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vcftools_project:vcftools:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C6E86CB-CBB5-4031-99C0-356DC912B2C7",
"versionEndExcluding": "0.1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file."
},
{
"lang": "es",
"value": "VCFTools vcfools anterior a la versi\u00f3n 0.1.15 esta afectado por: Uso de memoria previamente liberada. El impacto es: Denegaci\u00f3n de servicio o posiblemente otro impacto (por ejemplo, ejecuci\u00f3n de c\u00f3digo o divulgaci\u00f3n de informaci\u00f3n). El componente es: El m\u00e9todo header::add_FILTER_descriptor en archivo header.cpp. El vector de ataque es: La v\u00edctima debe abrir un archivo VCF especialmente dise\u00f1ado."
}
],
"id": "CVE-2019-1010127",
"lastModified": "2024-11-21T04:17:59.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-25T19:15:12.613",
"references": [
{
"source": "josh@bress.net",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://docs.google.com/document/d/e/2PACX-1vQJveVcGMp_NMdBY5Je2K2k63RoCYznvKjJk5u1wJRmLotvwQkG5qiqZjpABcOkjzj49wkwGweiFwrc/pub"
},
{
"source": "josh@bress.net",
"url": "https://github.com/vcftools/vcftools/issues/141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://docs.google.com/document/d/e/2PACX-1vQJveVcGMp_NMdBY5Je2K2k63RoCYznvKjJk5u1wJRmLotvwQkG5qiqZjpABcOkjzj49wkwGweiFwrc/pub"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/vcftools/vcftools/issues/141"
}
],
"sourceIdentifier": "josh@bress.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-11099
Vulnerability from fkie_nvd - Published: 2018-05-17 19:29 - Updated: 2024-11-21 03:42
Severity ?
Summary
The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted vcf file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vcftools_project | vcftools | 0.1.15 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vcftools_project:vcftools:0.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "80C2DCC7-1624-4F66-89AA-2994C8B6851F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted vcf file."
},
{
"lang": "es",
"value": "La funci\u00f3n header::add_INFO_descriptor en header.cpp en VCFtools 0.1.15 permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (sobrelectura de b\u00fafer basada en memoria din\u00e1mica o heap) mediante un archivo vcf manipulado."
}
],
"id": "CVE-2018-11099",
"lastModified": "2024-11-21T03:42:40.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T19:29:00.510",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3974-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-11129
Vulnerability from fkie_nvd - Published: 2018-05-17 19:29 - Updated: 2024-11-21 03:42
Severity ?
Summary
The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vcftools_project | vcftools | 0.1.15 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vcftools_project:vcftools:0.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "80C2DCC7-1624-4F66-89AA-2994C8B6851F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file."
},
{
"lang": "es",
"value": "La funci\u00f3n header::add_INFO_descriptor en header.cpp en VCFtools 0.1.15 permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (uso de memoria previamente liberada) o, posiblemente, cualquier otro tipo de problema mediante un archivo vcf manipulado."
}
],
"id": "CVE-2018-11129",
"lastModified": "2024-11-21T03:42:42.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T19:29:00.650",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3974-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-11130
Vulnerability from fkie_nvd - Published: 2018-05-17 19:29 - Updated: 2024-11-21 03:42
Severity ?
Summary
The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vcftools_project | vcftools | 0.1.15 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vcftools_project:vcftools:0.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "80C2DCC7-1624-4F66-89AA-2994C8B6851F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file."
},
{
"lang": "es",
"value": "La funci\u00f3n header::add_FORMAT_descriptor en header.cpp en VCFtools 0.1.15 permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (uso de memoria previamente liberada) o, posiblemente, cualquier otro tipo de problema mediante un archivo vcf manipulado."
}
],
"id": "CVE-2018-11130",
"lastModified": "2024-11-21T03:42:43.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-17T19:29:00.697",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3974-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-1010127 (GCVE-0-2019-1010127)
Vulnerability from cvelistv5 – Published: 2019-07-25 18:35 – Updated: 2024-08-05 03:07
VLAI?
Summary
VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file.
Severity ?
No CVSS data available.
CWE
- Use-after-free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.google.com/document/d/e/2PACX-1vQJveVcGMp_NMdBY5Je2K2k63RoCYznvKjJk5u1wJRmLotvwQkG5qiqZjpABcOkjzj49wkwGweiFwrc/pub"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/vcftools/vcftools/issues/141"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "vcftools",
"vendor": "VCFTools",
"versions": [
{
"status": "affected",
"version": "\u003c 0.1.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-30T13:45:44",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.google.com/document/d/e/2PACX-1vQJveVcGMp_NMdBY5Je2K2k63RoCYznvKjJk5u1wJRmLotvwQkG5qiqZjpABcOkjzj49wkwGweiFwrc/pub"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/vcftools/vcftools/issues/141"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vcftools",
"version": {
"version_data": [
{
"version_value": "\u003c 0.1.15"
}
]
}
}
]
},
"vendor_name": "VCFTools"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-after-free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.google.com/document/d/e/2PACX-1vQJveVcGMp_NMdBY5Je2K2k63RoCYznvKjJk5u1wJRmLotvwQkG5qiqZjpABcOkjzj49wkwGweiFwrc/pub",
"refsource": "MISC",
"url": "https://docs.google.com/document/d/e/2PACX-1vQJveVcGMp_NMdBY5Je2K2k63RoCYznvKjJk5u1wJRmLotvwQkG5qiqZjpABcOkjzj49wkwGweiFwrc/pub"
},
{
"name": "https://github.com/vcftools/vcftools/issues/141",
"refsource": "CONFIRM",
"url": "https://github.com/vcftools/vcftools/issues/141"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010127",
"datePublished": "2019-07-25T18:35:30",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-08-05T03:07:18.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11099 (GCVE-0-2018-11099)
Vulnerability from cvelistv5 – Published: 2018-05-17 19:00 – Updated: 2024-08-05 07:54
VLAI?
Summary
The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted vcf file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:54:36.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted vcf file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-27T22:06:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11099",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted vcf file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11099",
"datePublished": "2018-05-17T19:00:00",
"dateReserved": "2018-05-14T00:00:00",
"dateUpdated": "2024-08-05T07:54:36.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11130 (GCVE-0-2018-11130)
Vulnerability from cvelistv5 – Published: 2018-05-17 19:00 – Updated: 2024-08-05 08:01
VLAI?
Summary
The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:01:51.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-27T22:06:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11130",
"datePublished": "2018-05-17T19:00:00",
"dateReserved": "2018-05-15T00:00:00",
"dateUpdated": "2024-08-05T08:01:51.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11129 (GCVE-0-2018-11129)
Vulnerability from cvelistv5 – Published: 2018-05-17 19:00 – Updated: 2024-08-05 08:01
VLAI?
Summary
The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:01:51.757Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-27T22:06:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11129",
"datePublished": "2018-05-17T19:00:00",
"dateReserved": "2018-05-15T00:00:00",
"dateUpdated": "2024-08-05T08:01:51.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1010127 (GCVE-0-2019-1010127)
Vulnerability from nvd – Published: 2019-07-25 18:35 – Updated: 2024-08-05 03:07
VLAI?
Summary
VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file.
Severity ?
No CVSS data available.
CWE
- Use-after-free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.google.com/document/d/e/2PACX-1vQJveVcGMp_NMdBY5Je2K2k63RoCYznvKjJk5u1wJRmLotvwQkG5qiqZjpABcOkjzj49wkwGweiFwrc/pub"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/vcftools/vcftools/issues/141"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "vcftools",
"vendor": "VCFTools",
"versions": [
{
"status": "affected",
"version": "\u003c 0.1.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-30T13:45:44",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.google.com/document/d/e/2PACX-1vQJveVcGMp_NMdBY5Je2K2k63RoCYznvKjJk5u1wJRmLotvwQkG5qiqZjpABcOkjzj49wkwGweiFwrc/pub"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/vcftools/vcftools/issues/141"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vcftools",
"version": {
"version_data": [
{
"version_value": "\u003c 0.1.15"
}
]
}
}
]
},
"vendor_name": "VCFTools"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-free. The impact is: Denial of Service or possibly other impact (eg. code execution or information disclosure). The component is: The header::add_FILTER_descriptor method in header.cpp. The attack vector is: The victim must open a specially crafted VCF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-after-free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.google.com/document/d/e/2PACX-1vQJveVcGMp_NMdBY5Je2K2k63RoCYznvKjJk5u1wJRmLotvwQkG5qiqZjpABcOkjzj49wkwGweiFwrc/pub",
"refsource": "MISC",
"url": "https://docs.google.com/document/d/e/2PACX-1vQJveVcGMp_NMdBY5Je2K2k63RoCYznvKjJk5u1wJRmLotvwQkG5qiqZjpABcOkjzj49wkwGweiFwrc/pub"
},
{
"name": "https://github.com/vcftools/vcftools/issues/141",
"refsource": "CONFIRM",
"url": "https://github.com/vcftools/vcftools/issues/141"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010127",
"datePublished": "2019-07-25T18:35:30",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-08-05T03:07:18.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11099 (GCVE-0-2018-11099)
Vulnerability from nvd – Published: 2018-05-17 19:00 – Updated: 2024-08-05 07:54
VLAI?
Summary
The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted vcf file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:54:36.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted vcf file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-27T22:06:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11099",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted vcf file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11099",
"datePublished": "2018-05-17T19:00:00",
"dateReserved": "2018-05-14T00:00:00",
"dateUpdated": "2024-08-05T07:54:36.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11130 (GCVE-0-2018-11130)
Vulnerability from nvd – Published: 2018-05-17 19:00 – Updated: 2024-08-05 08:01
VLAI?
Summary
The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:01:51.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-27T22:06:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The header::add_FORMAT_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11130",
"datePublished": "2018-05-17T19:00:00",
"dateReserved": "2018-05-15T00:00:00",
"dateUpdated": "2024-08-05T08:01:51.164Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11129 (GCVE-0-2018-11129)
Vulnerability from nvd – Published: 2018-05-17 19:00 – Updated: 2024-08-05 08:01
VLAI?
Summary
The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:01:51.757Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-27T22:06:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-11129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The header::add_INFO_descriptor function in header.cpp in VCFtools 0.1.15 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted vcf file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20180516 vcftools 0.1.15 vuln bugs",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2018/May/43"
},
{
"name": "USN-3974-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3974-1/"
},
{
"name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1807-1] vcftools security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00039.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-11129",
"datePublished": "2018-05-17T19:00:00",
"dateReserved": "2018-05-15T00:00:00",
"dateUpdated": "2024-08-05T08:01:51.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}