PT-2018-9233 · Nasa · Nasa Pyblock
Publicado
2018-02-09
·
Atualizado
2018-03-01
·
CVE-2018-1000046
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
NASA Pyblock versions v1.0 through v1.3
Description:
The issue is related to a CWE-502 vulnerability in the Radar data parsing library, which can result in remote code execution. This can be exploited via a victim opening a specially crafted radar data file.
Recommendations:
For NASA Pyblock versions v1.0 through v1.3, update to version v1.4 to resolve the issue.
Correção
Deserialization of Untrusted Data
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Nasa Pyblock