Vulnerabilities > Nasa > Cryptolib > 1.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-27 | CVE-2025-46672 | Unchecked Return Value vulnerability in Nasa Cryptolib NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking. | 8.8 |
| 2025-04-27 | CVE-2025-46673 | Improper Control of Dynamically-Managed Code Resources vulnerability in Nasa Cryptolib NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol (SDLS). | 9.9 |
| 2025-04-27 | CVE-2025-46674 | Unspecified vulnerability in Nasa Cryptolib NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle. | 9.9 |
| 2025-04-27 | CVE-2025-46675 | Improper Control of Dynamically-Managed Code Resources vulnerability in Nasa Cryptolib In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking. | 4.2 |
| 2025-04-01 | CVE-2025-30356 | Out-of-bounds Write vulnerability in Nasa Cryptolib CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. | 9.8 |
| 2025-03-25 | CVE-2025-30216 | Heap-based Buffer Overflow vulnerability in Nasa Cryptolib CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. | 9.1 |
| 2025-03-17 | CVE-2025-29912 | Heap-based Buffer Overflow vulnerability in Nasa Cryptolib CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. | 9.8 |
| 2025-03-17 | CVE-2025-29913 | Integer Underflow (Wrap or Wraparound) vulnerability in Nasa Cryptolib CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. | 9.8 |
| 2025-03-17 | CVE-2025-29909 | Unspecified vulnerability in Nasa Cryptolib CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. | 9.8 |