High severity7.8NVD Advisory· Published Feb 9, 2018· Updated Jun 17, 2026
CVE-2018-1000045
CVE-2018-1000045
Description
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library (Weather data) that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.1.0,>1.0.0... Actually the description says introduced in v1.0 and fixed in v1.1, so affected is =1.0.0 or <1.1? Let me think: 'contains a CWE-502 vulnerability in NASA Singledop library' and 'fixed in v1.1'. So versions before 1.1 are affected, starting from v1.0. So version range: >=1.0,<1.1. Or just =1.0.0? 'Singledop version v1.0' might mean only v1.0 is affected. Let me use =1.0.0 to be precise.+ 1 more
- (no CPE)range: <=1.1.0,>1.0.0... Actually the description says introduced in v1.0 and fixed in v1.1, so affected is =1.0.0 or <1.1? Let me think: 'contains a CWE-502 vulnerability in NASA Singledop library' and 'fixed in v1.1'. So versions before 1.1 are affected, starting from v1.0. So version range: >=1.0,<1.1. Or just =1.0.0? 'Singledop version v1.0' might mean only v1.0 is affected. Let me use =1.0.0 to be precise.
- (no CPE)range: =1.0
Patches
Vulnerability mechanics
References
1- github.com/nasa/SingleDop/pull/19nvdIssue TrackingPatch
News mentions
0No linked articles in our index yet.