Lucene search

GoogleOSV:CVE-2023-23932

HistoryFeb 03, 2023 - 9:15 p.m.

CVE-2023-23932

2023-02-0321:15:11

Google

osv.dev

opendds

vulnerability

rtps network

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.7%

JSON

OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1.

CPENameOperatorVersion
openddseqDDS-3.11
openddseqDDS-3.17-pre19
openddseqDDS-3.17-pre13
openddseqDDS-3.20
openddseqDDS-3.16-pre21
openddseqDDS-3.10
openddseqDDS-3.17-pre7
openddseqDDS-3.17-pre6z
openddseqgreen-36
openddseqDDS-3.16-pre5

Name	Operator	Version
opendds	eq	DDS-3.11
opendds	eq	DDS-3.17-pre19
opendds	eq	DDS-3.17-pre13
opendds	eq	DDS-3.20
opendds	eq	DDS-3.16-pre21
opendds	eq	DDS-3.10
opendds	eq	DDS-3.17-pre7
opendds	eq	DDS-3.17-pre6z
opendds	eq	green-36
opendds	eq	DDS-3.16-pre5

Rows per page:

1-10 of 1121

References

github.com/OpenDDS/OpenDDS/releases/tag/DDS-3.23.1

github.com/OpenDDS/OpenDDS/security/advisories/GHSA-8wvq-25f5-f8h4

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.7%

JSON

Related for OSV:CVE-2023-23932