CVE-2018-1000045
First published: Fri Feb 09 2018(Updated: )
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library (Weather data) that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.1.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NASA Singledop | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this NASA Singledop version v1.0 vulnerability?
The vulnerability ID is CVE-2018-1000045.
What is the severity of CVE-2018-1000045?
The severity of CVE-2018-1000045 is high with a severity value of 7.8 out of 10.
What is the affected software of CVE-2018-1000045?
The affected software is NASA Singledop version 1.0.
What is the CWE of CVE-2018-1000045?
The CWE of CVE-2018-1000045 is 502.
How can the vulnerability in NASA Singledop version v1.0 be exploited?
The vulnerability in NASA Singledop version v1.0 can be exploited by opening a specially crafted radar data file.
Has the vulnerability in NASA Singledop version v1.0 been fixed?
Yes, the vulnerability in NASA Singledop version v1.0 has been fixed in version 1.1.
Where can I find more information about the fix for CVE-2018-1000045?
You can find more information about the fix for CVE-2018-1000045 at the following link: [GitHub Pull Request](https://github.com/nasa/SingleDop/pull/19)
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/nasa
- canonical/nasa singledop
- version/nasa singledop/1.0