nasa fprime CVE Vulnerabilities (4)

CVEs: 4 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting nasa fprime (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 14 of 4 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-41144 F´ (F Prime) is a framework that enables development and deployment of spaceflight and other embedded software applications. Prior to version 4.2.0, the bounds check byteOffset + dataSize > fileSize uses U32 addition that wraps around on overflow. An attacker-crafted DataPacket with byteOffset=0xFFFFFF9C and dataSize=100 overflows to 0, bypassing the check entirely. The subsequent file write proceeds at the original ~4GB offset. Additionally, Svc/FileUplink/File.cpp:20-31 performs no sanitizatio [email protected] 0.0 0.43% 2026-04-21 2026-06-17
CVE-2024-55030 A command injection vulnerability in the Command Dispatcher Service of NASA Fprime v3.4.3 allows attackers to execute arbitrary commands. [email protected] 9.8 1.66% 2025-03-25 2026-06-17
CVE-2024-55029 NASA Fprime v3.4.3 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities. [email protected] 6.1 0.27% 2025-03-25 2026-06-17
CVE-2024-55028 A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to execute arbitrary code via uploading a crafted Vue file. [email protected] 9.8 0.68% 2025-03-25 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence