Remote Command Execution Vulnerability in NASA AIT-Core Software
CVE-2024-35060
Currently unrated
What is CVE-2024-35060?
A security flaw in the YAML Python library utilized by NASA's AIT-Core version 2.5.2 enables potential attackers to execute arbitrary commands through specially crafted YAML files. This vulnerability arises from improper handling of the input, allowing malicious users to exploit the system by supplying manipulated data. Organizations using this version of AIT-Core should take immediate action to mitigate risks associated with unauthorized command executions.