PT-2018-9233 · Nasa · Nasa Pyblock
Published
2018-02-09
·
Updated
2018-03-01
·
CVE-2018-1000046
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
NASA Pyblock versions v1.0 through v1.3
Description:
The issue is related to a CWE-502 vulnerability in the Radar data parsing library, which can result in remote code execution. This can be exploited via a victim opening a specially crafted radar data file.
Recommendations:
For NASA Pyblock versions v1.0 through v1.3, update to version v1.4 to resolve the issue.
Fix
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nasa Pyblock