CNNVD-202601-1773 Information

CNNVD ID

CNNVD-202601-1773

Related CVE

CVE-2026-22697

• CNNVD Published: 2026-01-10

Description (Chinese)

CryptoLib是NASA开源的一个应用程序。用于使用 CCSDS 空间数据链路安全协议提供纯软件解决方案。 CryptoLib 1.4.3之前版本存在安全漏洞，该漏洞源于Base64解码时未强制执行目标大小限制，可能导致堆缓冲区溢出和代码执行。

Description (English)

Criptolib is an application from NASA open source. Provides pure software solutions using CCDS spatial data link security protocols. The previous version of CrystalLib 1.4.3 had a security loophole, which stemmed from the lack of enforcement of target size limits when the Base64 code was decoded, which could result in spilling over the buffer zone and code implementation.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

美国国家航空航天局

Published

2026-01-10

Last Modified

2026-02-24

References

https://github.com/nasa/CryptoLib/releases/tag/v1.4.3 https://github.com/nasa/CryptoLib/security/advisories/GHSA-qjx3-83jh-2jc4

Patch

https://github.com/nasa/CryptoLib/releases