Lucene search
+L

185 matches found

EUVD
EUVD
added 2026/01/10 12:20 a.m.6 views

EUVD-2026-1891

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, when the KMC server returns a non-200 HTTP...

6.3CVSS6.4AI score0.00497EPSS
Exploits1References3
CVE
CVE
added 2026/01/10 12:20 a.m.18 views

CVE-2026-22025

CryptoLib’s memory-leak vulnerability affects the KMC client: when a non-200 HTTP response is returned, cryptography_encrypt() and cryptography_decrypt() fail to free previously allocated buffers, leaking ~467 bytes per failed request and risking memory exhaustion with repeated failures. This occ...

6.3CVSS6.5AI score0.00497EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/01/10 12:20 a.m.28 views

CVE-2026-22025 CryptoLib Memory Leak on HTTP Error Response in KMC Client

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, when the KMC server returns a non-200 HTTP...

6.3CVSS0.00497EPSS
Exploits1References3
OSV
OSV
added 2026/01/10 12:20 a.m.6 views

CVE-2026-22025 CryptoLib Memory Leak on HTTP Error Response in KMC Client

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, when the KMC server returns a non-200 HTTP...

6.3CVSS6.8AI score0.00497EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/10 12:19 a.m.6 views

CVE-2026-22024 CryptoLib Memory Leak in KMC Encrypt Function Leads to Resource Exhaustion

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the cryptographyencrypt function allocates...

6.3CVSS6.8AI score0.00432EPSS
Exploits1References3
CVE
CVE
added 2026/01/10 12:19 a.m.17 views

CVE-2026-22024

CryptoLib (SDLS-EP) memory leak in the cryptography_encrypt() function: prior to version 1.4.3, repeated HTTP requests/JSON parsing allocate buffers that are never freed, leaking ~400 bytes per call. Under sustained traffic this can exhaust memory on affected spacecraft-ground station communicati...

6.3CVSS6.8AI score0.00432EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/01/10 12:17 a.m.7 views

CVE-2026-22023 CryptoLib Has Out-of-Bounds Read in KMC AEAD Encrypt Metadata Parsing via Flawed strtok Pattern

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read...

8.2CVSS6.7AI score0.00525EPSS
Exploits1References5
OSV
OSV
added 2026/01/10 12:14 a.m.7 views

CVE-2026-21900 CryptoLib Has Out-of-Bounds Read in KMC Encrypt Metadata Parsing via Flawed strtok Pattern

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, an out-of-bounds heap read vulnerability in...

8.2CVSS6.9AI score0.00514EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/10 12:11 a.m.2 views

CVE-2026-21899 CryptoLib has an out-of-bounds read and crash vulnerability when decoding an empty Base64url string

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, in base64urlDecode, padding-stripping...

4.7CVSS6.5AI score0.00317EPSS
Exploits1References2
OSV
OSV
added 2026/01/10 12:10 a.m.6 views

CVE-2026-21898 CryptoLib Has Out-of-bounds Read in Crypto_AOS_ProcessSecurity

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the CryptoAOSProcessSecurity function reads...

8.2CVSS6.8AI score0.00414EPSS
Exploits1References4
EUVD
EUVD
added 2026/01/10 12:10 a.m.5 views

EUVD-2026-1896

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the CryptoAOSProcessSecurity function reads...

8.2CVSS6.4AI score0.00414EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/01/10 12:10 a.m.28 views

CVE-2026-21898 CryptoLib Has Out-of-bounds Read in Crypto_AOS_ProcessSecurity

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, the CryptoAOSProcessSecurity function reads...

8.2CVSS0.00414EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.7 views

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.4.3 that stems from an unfilled memory buffer allocated by the cryptographyencrypt...

6.3CVSS6.6AI score0.00432EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.14 views

PT-2026-2133

Name of the Vulnerable Software and Affected Versions CryptoLib versions prior to 1.4.3 Description CryptoLib is a software solution utilizing the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft and a ground station. Before versi...

6.3CVSS6.6AI score0.00497EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.5 views

CryptoLib 缓冲区错误漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A buffer error vulnerability exists in CryptoLib versions prior to 1.4.3, which stems from a lack of valid boundary checks when parsing AOS frame hashes,...

8.2CVSS6.7AI score0.00414EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.3 views

CryptoLib 缓冲区错误漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A buffer error vulnerability exists in CryptoLib versions prior to 1.4.3, which stems from insufficient array boundary checking leading to out-of-bounds...

7.3CVSS6.7AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.5 views

CryptoLib 安全漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A security vulnerability exists in CryptoLib versions prior to 1.4.3 that stems from a failure to enforce target size limits during Base64 decoding, which...

7.5CVSS7.5AI score0.00453EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.8 views

PT-2026-2132

Name of the Vulnerable Software and Affected Versions CryptoLib versions prior to 1.4.3 Description CryptoLib is a software-only solution utilizing the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight Syste...

6.3CVSS6.7AI score0.00432EPSS
Exploits1References11
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.4 views

CryptoLib 缓冲区错误漏洞

CryptoLib is a NASA open source application. It is used to provide a software-only solution using the CCSDS space data link security protocol. A buffer error vulnerability exists in CryptoLib versions prior to 1.4.3, which stems from the base64urlDecode function dereferencing the input before...

4.9CVSS6.6AI score0.00317EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.6 views

PT-2026-2130

Name of the Vulnerable Software and Affected Versions CryptoLib versions prior to 1.4.3 Description CryptoLib is a software solution utilizing the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft and a ground station. An...

8.2CVSS6.8AI score0.00514EPSS
Exploits1References11
Rows per page
Query Builder