VYPR

BWA

by SAP

CVEs (2)

  • CVE-2019-10269Mar 29, 2019
    risk 0.00cvss epss 0.03

    BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.

  • CVE-2018-2478Nov 13, 2018
    risk 0.00cvss epss 0.02

    An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the adm user. The…