NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle.
The product is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cryptolib | Nasa | * | 1.3.2 (excluding) |