Nasa Fprime vulnerabilities
4 known vulnerabilities affecting nasa/fprime.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-55030P2CRITICALCVSS 9.8v3.4.32025-03-25
CVE-2024-55030 [CRITICAL] CWE-77 CVE-2024-55030: A command injection vulnerability in the Command Dispatcher Service of NASA Fprime v3.4.3 allows att
A command injection vulnerability in the Command Dispatcher Service of NASA Fprime v3.4.3 allows attackers to execute arbitrary commands.
nvd
CVE-2026-41144P2CRITICALCVSS 9.8v4.1.1fixed in 4.2.02026-04-22
CVE-2026-41144 [CRITICAL] CWE-190 CVE-2026-41144: F´ (F Prime) is a framework that enables development and deployment of spaceflight and other embedde
F´ (F Prime) is a framework that enables development and deployment of spaceflight and other embedded software applications. Prior to version 4.2.0, the bounds check byteOffset + dataSize > fileSize uses U32 addition that wraps around on overflow. An attacker-crafted DataPacket with byteOffset=0xFFFFFF9C and dataSize=100 overflows to 0, bypassing
nvd
CVE-2024-55028P3CRITICALCVSS 9.8v3.4.32025-03-25
CVE-2024-55028 [CRITICAL] CWE-94 CVE-2024-55028: A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to execut
A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to execute arbitrary code via uploading a crafted Vue file.
nvd
CVE-2024-55029P4MEDIUMCVSS 6.1v3.4.32025-03-25
CVE-2024-55029 [MEDIUM] CWE-79 CVE-2024-55029: NASA Fprime v3.4.3 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.
NASA Fprime v3.4.3 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.
nvd