VYPR

CFITSIO

by Nasa

CVEs (5)

  • CVE-2018-3849HigApr 16, 2018
    risk 0.58cvss 8.8epss 0.04

    In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.

  • CVE-2018-3848HigApr 16, 2018
    risk 0.58cvss 8.8epss 0.04

    In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.

  • CVE-2018-3847HigAug 1, 2018
    risk 0.57cvss 8.8epss 0.03

    Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library, can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT…

  • CVE-2018-3846HigApr 16, 2018
    risk 0.57cvss 8.8epss 0.03

    In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.

  • CVE-2019-1010060Jul 16, 2019
    risk 0.01cvss epss 0.07

    NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact is: arbitrary code execution. The component is: over 40 source code files were changed. The attack vector is: remote unauthenticated attacker. The fixed version is: 3.43. NOTE: this CVE refers to the issues…