CVE-2023-45282

high

Description

In NASA Open MCT (aka openmct) before 3.1.0, prototype pollution can occur via an import action.

References

https://www.linkedin.com/pulse/prototype-pollution-nasas-open-mct-cve-2023-45282

https://nasa.github.io/openmct/

https://github.com/nasa/openmct/pull/7094/commits/545a1770c523ecc3410dca884c6809d5ff0f9d52

https://github.com/nasa/openmct/compare/v3.0.2...v3.1.0

Details

Source: Mitre, NVD

Published: 2023-10-06

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.00371