OSV-2025-729

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/htslib/OSV-2025-729.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2025-729
Published
2025-09-13T00:08:43.863495Z
Modified
2025-09-13T00:08:43.863848Z
Summary
UNKNOWN READ in sam_hrecs_free_tags
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=444492076

Crash type: UNKNOWN READ
Crash state:
sam_hrecs_free_tags
sam_hrecs_parse_single_line
sam_hdr_build_from_sam_file
References

Affected packages

OSS-Fuzz / htslib

Package

Name
htslib
Purl
pkg:generic/htslib

Affected ranges

Type
GIT
Repo
https://github.com/samtools/htslib.git
Events
Introduced
ab4abb78d1d43ddfccad3317a156d4bc4031e80e
Fixed
2a4eac0fb2ccec7429e8325d1bb8d5e3f4e93813
Fixed
c767e60edc31bd40f7d20f09ad5e8f750550be5b

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "introduced_range": "ca3a57b7d6809b2bf869e357b7840f1a3ca7eb19:3668b932bdb9f737c4af9c28ddbf0472156a5f24",
    "fixed_range": "3668b932bdb9f737c4af9c28ddbf0472156a5f24:c767e60edc31bd40f7d20f09ad5e8f750550be5b"
}