CVE-2024-35059

An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands.
Configurations

Configuration 1 (hide)

cpe:2.3:a:nasa:ait_core:*:*:*:*:*:*:*:*

History

03 Jun 2025, 14:15

Type Values Removed Values Added
References () https://github.com/advisories/GHSA-jqff-8g2v-642h - () https://github.com/advisories/GHSA-jqff-8g2v-642h - Third Party Advisory
References () https://www.linkedin.com/pulse/remote-code-execution-via-man-in-the-middle-more-ujkze - () https://www.linkedin.com/pulse/remote-code-execution-via-man-in-the-middle-more-ujkze - Exploit
CPE cpe:2.3:a:nasa:ait_core:*:*:*:*:*:*:*:*
First Time Nasa
Nasa ait Core

21 Nov 2024, 09:19

Type Values Removed Values Added
References () https://github.com/advisories/GHSA-jqff-8g2v-642h - () https://github.com/advisories/GHSA-jqff-8g2v-642h -
References () https://www.linkedin.com/pulse/remote-code-execution-via-man-in-the-middle-more-ujkze - () https://www.linkedin.com/pulse/remote-code-execution-via-man-in-the-middle-more-ujkze -

17 Jul 2024, 16:15

Type Values Removed Values Added
References
  • () https://github.com/advisories/GHSA-jqff-8g2v-642h -

03 Jul 2024, 02:01

Type Values Removed Values Added
Summary
  • (es) Un problema en la librería Pickle Python de NASA AIT-Core v2.5.2 permite a los atacantes ejecutar comandos arbitrarios.
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-319

21 May 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-21 19:15

Updated : 2025-06-03 14:15


NVD link : CVE-2024-35059

Mitre link : CVE-2024-35059

CVE.ORG link : CVE-2024-35059


JSON object : View

Products Affected

nasa

  • ait_core
CWE
CWE-319

Cleartext Transmission of Sensitive Information