Fprime
by Nasa
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41144 | Non | 0.00 | 0.0 | 0.00 | Apr 22, 2026 | F´ (F Prime) is a framework that enables development and deployment of spaceflight and other embedded software applications. Prior to version 4.2.0, the bounds check byteOffset + dataSize > fileSize uses U32 addition that wraps around on overflow. An attacker-crafted DataPacket… | ||
| CVE-2024-55030 | 0.00 | — | 0.02 | Mar 25, 2025 | A command injection vulnerability in the Command Dispatcher Service of NASA Fprime v3.4.3 allows attackers to execute arbitrary commands. | |||
| CVE-2024-55028 | 0.00 | — | 0.01 | Mar 25, 2025 | A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to execute arbitrary code via uploading a crafted Vue file. | |||
| CVE-2024-55029 | 0.00 | — | 0.00 | Mar 25, 2025 | NASA Fprime v3.4.3 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities. |
- risk 0.00cvss 0.0epss 0.00
F´ (F Prime) is a framework that enables development and deployment of spaceflight and other embedded software applications. Prior to version 4.2.0, the bounds check byteOffset + dataSize > fileSize uses U32 addition that wraps around on overflow. An attacker-crafted DataPacket…
- CVE-2024-55030Mar 25, 2025risk 0.00cvss —epss 0.02
A command injection vulnerability in the Command Dispatcher Service of NASA Fprime v3.4.3 allows attackers to execute arbitrary commands.
- CVE-2024-55028Mar 25, 2025risk 0.00cvss —epss 0.01
A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to execute arbitrary code via uploading a crafted Vue file.
- CVE-2024-55029Mar 25, 2025risk 0.00cvss —epss 0.00
NASA Fprime v3.4.3 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.