Security
Headlines

Headlines Latest CVEs

Headline

GHSA-96vh-4rfp-c42c: HTSJDK is vulnerable to exposure of resource(s) to the wrong sphere

The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.

2 years ago

HTSJDK is vulnerable to exposure of resource(s) to the wrong sphere

High severity GitHub Reviewed Published Nov 29, 2022 • Updated Dec 2, 2022

Related news

CVE-2022-21126: [SECURITY] Fix Temporary Directory Hijacking or Information Disclosure Vulnerability by JLLeitschuh · Pull Request #1617 · samtools/htsjdk

The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.

2 years ago

#vulnerability #mac #windows #git #java

ghsa: Latest News

GHSA-mj5r-x73q-fjw6: SPEmailHandler-PHP has Potential Abuse for Sending Arbitrary Emails

18 hours ago

GHSA-jwcm-9g39-pmcw: Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts

18 hours ago

GHSA-55v3-xh23-96gh: `auth.TokenForHost` violates GitHub host security boundary when sourcing authentication token within a codespace

18 hours ago

GHSA-j6vm-4r7g-x4gr: Devolutions.XTS.NET Vulnerable to Timing Attack on GF Multiplications

21 hours ago

GHSA-6q3q-6v5j-h6vg: Querydsl vulnerable to HQL injection trough orderBy

21 hours ago