9 matches found
EUVD-2025-8097
Malicious code in bioql PyPI...
CVE-2024-55028
A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to execute arbitrary code via uploading a crafted Vue file...
CVE-2024-55028
A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to execute arbitrary code via uploading a crafted Vue file...
CVE-2024-55028
A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to execute arbitrary code via uploading a crafted Vue file...
Cross-site Scripting (XSS)
Overview fprime-gds is a F Prime Flight Software Ground Data System layer Affected versions of this package are vulnerable to Cross-site Scripting XSS by uploading a malicious Vue file as a cmdDisp.CMDNOOPSTRING in the Dashboard tab. Details Cross-site scripting or XSS is a code vulnerability tha...
CVE-2024-55028
A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to execute arbitrary code via uploading a crafted Vue file...
CVE-2024-55028
A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to execute arbitrary code via uploading a crafted Vue file...
CVE-2024-55028
CVE-2024-55028 affects NASA Fprime v3.4.3 Dashboard via a template injection in the Vue-based dashboard that enables arbitrary code execution when uploading a crafted Vue file. Reported metrics show a CRITICAL CVSS 3.1 base score (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) with network exploitation, no...
fprime 代码注入漏洞
fprime is a NASA open source framework for flight software and embedded systems. A security vulnerability exists in fprime v3.4.3, which stems from template injection in the dashboard and could lead to an attacker executing arbitrary code by uploading a specially crafted Vue file...