{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22023", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-05T22:30:38.717Z", "datePublished": "2026-01-10T00:17:03.148Z", "dateUpdated": "2026-01-13T17:17:39.426Z"}, "containers": {"cna": {"title": "CryptoLib Has Out-of-Bounds Read in KMC AEAD Encrypt Metadata Parsing via Flawed strtok Pattern", "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-8w3h-q8jm-3chq", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-8w3h-q8jm-3chq"}, {"name": "https://github.com/nasa/CryptoLib/commit/2372efd3da1ccb226b4297222e25f41ecc84821d", "tags": ["x_refsource_MISC"], "url": "https://github.com/nasa/CryptoLib/commit/2372efd3da1ccb226b4297222e25f41ecc84821d"}, {"name": "https://github.com/nasa/CryptoLib/releases/tag/v1.4.3", "tags": ["x_refsource_MISC"], "url": "https://github.com/nasa/CryptoLib/releases/tag/v1.4.3"}], "affected": [{"vendor": "nasa", "product": "CryptoLib", "versions": [{"version": "< 1.4.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-10T00:17:03.148Z"}, "descriptions": [{"lang": "en", "value": "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read vulnerability in cryptography_aead_encrypt(). This issue has been patched in version 1.4.3."}], "source": {"advisory": "GHSA-8w3h-q8jm-3chq", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-8w3h-q8jm-3chq", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-13T17:17:35.907425Z", "id": "CVE-2026-22023", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-13T17:17:39.426Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-22023", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-13T17:17:35.907425Z"}}}], "references": [{"url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-8w3h-q8jm-3chq", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-13T17:17:28.473Z"}}], "cna": {"title": "CryptoLib Has Out-of-Bounds Read in KMC AEAD Encrypt Metadata Parsing via Flawed strtok Pattern", "source": {"advisory": "GHSA-8w3h-q8jm-3chq", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "nasa", "product": "CryptoLib", "versions": [{"status": "affected", "version": "< 1.4.3"}]}], "references": [{"url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-8w3h-q8jm-3chq", "name": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-8w3h-q8jm-3chq", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/nasa/CryptoLib/commit/2372efd3da1ccb226b4297222e25f41ecc84821d", "name": "https://github.com/nasa/CryptoLib/commit/2372efd3da1ccb226b4297222e25f41ecc84821d", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/nasa/CryptoLib/releases/tag/v1.4.3", "name": "https://github.com/nasa/CryptoLib/releases/tag/v1.4.3", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read vulnerability in cryptography_aead_encrypt(). This issue has been patched in version 1.4.3."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-10T00:17:03.148Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22023", "state": "PUBLISHED", "dateUpdated": "2026-01-13T17:17:39.426Z", "dateReserved": "2026-01-05T22:30:38.717Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-10T00:17:03.148Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nasa:cryptolib:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE1BE91E-2901-42AF-BC66-762CFA7A2582", "versionEndExcluding": "1.4.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read vulnerability in cryptography_aead_encrypt(). This issue has been patched in version 1.4.3."}], "id": "CVE-2026-22023", "lastModified": "2026-01-16T16:45:11.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-01-10T01:16:18.410", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/nasa/CryptoLib/commit/2372efd3da1ccb226b4297222e25f41ecc84821d"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/nasa/CryptoLib/releases/tag/v1.4.3"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-8w3h-q8jm-3chq"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/nasa/CryptoLib/security/advisories/GHSA-8w3h-q8jm-3chq"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T16:35:14.999543+00:00", "value": {"mitigation_remediation": ["Upgrade CryptoLib to version 1.4.3 or newer using the official release from GitHub", "Replace the vulnerable AEAD encryption routine with a vetted third\u2011party implementation that does not contain the out\u2011of\u2011bounds read", "Insert defensive bounds checks around metadata parsing in the cryptography_aead_encrypt function"], "summary": {"action": "Immediate Patch", "impact": "Confidentiality Exposure"}, "threat_synthesis": {"affected_systems": "NASA\u2019s CryptoLib is the affected vendor and product. Any installation using CryptoLib before release 1.4.3 is vulnerable; version 1.4.3 and later contain the patch.", "description_and_impact": "CryptoLib implements the CCSDS Space Data Link Security Protocol \u2013 Extended Procedures for secure spacecraft communications. In versions prior to 1.4.3, the cryptography_aead_encrypt() function contains an out\u2011of\u2011bounds heap read, triggered when parsing encryption metadata using a flawed strtok pattern. This flaw allows a malicious user to cause the library to read beyond the bounds of the intended buffer and disclose sensitive memory contents such as cryptographic keys or other private data, as identified by CWE\u2011125.", "risk_and_exploitability": "The CVSS score of 8.2 indicates a high impact vulnerability, while the EPSS score of less than 1% shows a very low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, reducing its perceived threat level for critical missions. Although the attack vector is not explicitly documented, the flaw is exercised during AEAD encryption, implying that an attacker would need to supply crafted metadata input, which could be feasible in a compromised or untrusted environment. The official remediation is to update to version 1.4.3, which eliminates the out\u2011of\u2011bounds read."}}}}, "created": "2026-01-12T14:36:44.595331+00:00", "updated": "2026-04-18T16:45:05.219519+00:00", "vendors": ["nasa", "nasa$PRODUCT$cryptolib"]}