NASA Kodiak version v1.0 contains a CWE-502 vulnerability in Kodiak library's data processing function that can result in remote code execution. This attack appear to be exploitable via Victim opens an untrusted file for optimization using Kodiak library.
References
Link | Resource |
---|---|
https://github.com/nasa/Kodiak/issues/5 | Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-02-09T23:00:00
Updated: 2018-02-09T22:57:01
Reserved: 2018-02-05T00:00:00
Link: CVE-2018-1000047
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-02-09T23:29:01.573
Modified: 2018-03-01T16:12:22.173
Link: CVE-2018-1000047
JSON object: View
Redhat Information
No data.
CWE