PT-2022-14866 · Htsjdk · Htsjdk

Jonathan Leitschuh · Published 2022-11-29 · Updated 2022-12-01 · CVE-2022-21126

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

com.github.samtools:htsjdk versions prior to 3.0.1

Description

The createTempDir() function in util/IOUtil.java does not check whether the temporary directory already exists before attempting to create it, so temporary files can be created in directories with insecure permissions.

Recommendations

Update to version 3.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the temporary directory to minimize the risk of exploitation.
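
The class of bug in the Description, shown as an added example beside a hardened form and a permission check. This is not htsjdk's code: the class TempDirExample and its helpers weakCreateTempDir, safeCreateTempDir, isPosix and isOwnerOnly are hypothetical names, and the weak pattern is an assumed, typical shape of the flaw rather than the project's actual implementation.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.FileSystems;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

public class TempDirExample {
    static final Set<PosixFilePermission> OWNER_ONLY = PosixFilePermissions.fromString("rwx------");

    // Weak pattern (illustrative, hypothetical helper): a temp file name is reserved,
    // released, then re-created as a directory. mkdir() returns false when the path
    // already exists, so ignoring its result means a directory that some other local
    // account created in between is used as-is, with whatever permissions it carries.
    static File weakCreateTempDir(String prefix) throws IOException {
        File dir = File.createTempFile(prefix, ".tmp");
        dir.delete();
        dir.mkdir(); // result ignored: a pre-existing directory goes unnoticed
        return dir;
    }

    // Hardened form: a single call that throws if the name is already taken and,
    // on POSIX file systems, creates the directory as rwx------ from the start.
    static Path safeCreateTempDir(String prefix) throws IOException {
        if (isPosix()) {
            return Files.createTempDirectory(prefix, PosixFilePermissions.asFileAttribute(OWNER_ONLY));
        }
        return Files.createTempDirectory(prefix);
    }

    static boolean isPosix() {
        return FileSystems.getDefault().supportedFileAttributeViews().contains("posix");
    }

    // Check a directory before writing into it: true only if group and others have no access.
    static boolean isOwnerOnly(Path dir) throws IOException {
        return isPosix() && Files.getPosixFilePermissions(dir).equals(OWNER_ONLY);
    }

    public static void main(String[] args) throws IOException {
        Path safe = safeCreateTempDir("example-");
        Path weak = weakCreateTempDir("example-").toPath();
        System.out.println(safe + " owner-only: " + isOwnerOnly(safe));
        System.out.println(weak + " owner-only: " + isOwnerOnly(weak));
        Files.delete(safe);
        Files.delete(weak);
    }
}
```

The result for the weak directory depends on the process umask, which is why the permissions should be set at creation time and verified rather than assumed.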

Exploit

Fix

Weakness Enumeration

Exposure of Resource to Wrong Sphere

Related Identifiers

CVE-2022-21126
GHSA-96VH-4RFP-C42C

Affected Products

Htsjdk