CVE-2018-1000048

CVE: CVE-2018-1000048
Published: 2018-02-09T23:29Z
Vendor: nasa
Products: rtretrievalframework
Versions: 1.0,
Description Language: en
Description: NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval functionality of RtRetrieval framework that can result in remote code execution. This attack appear to be exploitable via Victim tries to retrieve and process a weather data file.
References:
https://github.com/nasa/RtRetrievalFramework/issues/1