Vulnerabilities > Nasa > Cryptolib > 1.1.0

DATE CVE VULNERABILITY TITLE RISK
2025-04-27 CVE-2025-46672 Unchecked Return Value vulnerability in Nasa Cryptolib
NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking.
network
low complexity
nasa CWE-252
8.8
2025-04-27 CVE-2025-46673 Improper Control of Dynamically-Managed Code Resources vulnerability in Nasa Cryptolib
NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol (SDLS).
network
low complexity
nasa CWE-913
critical
9.9
2025-04-27 CVE-2025-46674 Unspecified vulnerability in Nasa Cryptolib
NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle.
network
low complexity
nasa
critical
9.9
2025-04-27 CVE-2025-46675 Improper Control of Dynamically-Managed Code Resources vulnerability in Nasa Cryptolib
In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking.
network
high complexity
nasa CWE-913
4.2
2025-04-01 CVE-2025-30356 Out-of-bounds Write vulnerability in Nasa Cryptolib
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station.
network
low complexity
nasa CWE-787
critical
9.8
2025-03-25 CVE-2025-30216 Heap-based Buffer Overflow vulnerability in Nasa Cryptolib
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station.
network
low complexity
nasa CWE-122
critical
9.1
2025-03-17 CVE-2025-29912 Heap-based Buffer Overflow vulnerability in Nasa Cryptolib
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station.
network
low complexity
nasa CWE-122
critical
9.8
2025-03-17 CVE-2025-29913 Integer Underflow (Wrap or Wraparound) vulnerability in Nasa Cryptolib
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station.
network
low complexity
nasa CWE-191
critical
9.8
2025-03-17 CVE-2025-29909 Unspecified vulnerability in Nasa Cryptolib
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station.
network
low complexity
nasa
critical
9.8