CVE-2018-1000047
HIGHNASA Kodiak <1.0 - RCE
Title source: llmDescription
NASA Kodiak version v1.0 contains a CWE-502 vulnerability in Kodiak library's data processing function that can result in remote code execution. This attack appear to be exploitable via Victim opens an untrusted file for optimization using Kodiak library.
Scores
CVSS v3
8.8
EPSS
0.0092
EPSS Percentile
75.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Classification
CWE
CWE-502
Status
published
Affected Products (1)
nasa/kodiak
Timeline
Published
Feb 09, 2018
Tracked Since
Feb 18, 2026