Lucene search
GitHub Advisory DatabaseGHSA-JQFF-8G2V-642HHistoryMay 21, 2024 - 9:30 p.m.
NASA AIT-Core vulnerable to remote code execution
2024-05-2121:30:27
CWE-74
GitHub Advisory Database
github.com
3
nasa
ait-core
v2.5.2
pickle python library
vulnerability
remote code execution
software
arbitrary commands
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands.
Affected configurations
Node
aitcoreRange≤2.5.2
Related
cvelist
cvelist
CVE-2024-35059
1976-01-01 00:00:00
CVE-2024-35061
1976-01-01 00:00:00
vulnrichment
vulnrichment
CVE-2024-35059
1976-01-01 00:00:00
CVE-2024-35061
1976-01-01 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2024-05-27 06:14:27
cve
cve
CVE-2024-35059
2024-05-21 19:15:10
CVE-2024-35061
2024-05-21 19:15:10
nvd
nvd
CVE-2024-35059
2024-05-21 19:15:10
CVE-2024-35061
2024-05-21 19:15:10
osv
osv
NASA AIT-Core vulnerable to remote code execution
2024-05-21 21:30:27
7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
Related for GHSA-JQFF-8G2V-642H