PT-2019-11474 · Atgc+1 · Vcftools+1

Mssalvatore · Published 2019-07-25 · Updated 2021-03-16 · CVE-2019-1010127

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: VCFTools versions prior to 0.1.15
Description: The issue is a use-after-free, which can lead to a Denial of Service or possibly other impacts such as code execution or information disclosure. The affected component is the header::add_FILTER_descriptor method in header.cpp. The attack vector involves the victim opening a specially crafted VCF file.
Recommendations: For versions prior to 0.1.15, update to version 0.1.15 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the header::add_FILTER_descriptor method in header.cpp until a patch is available. Restrict access to specially crafted VCF files to minimize the risk of exploitation.

Exploit

Fix

DoS

Use After Free

Weakness Enumeration

Related Identifiers

CVE-2019-1010127
USN-4835-1

Affected Products

Ubuntu
Vcftools