Lucene search

K
EprosimaFast Dds

18 matches found

cve
cve
added 2024/02/19 8:15 p.m.74 views

CVE-2023-50257

eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (p[UD]) and guid values used to disconnect between nodes are not encrypted, a vulnerability ha...

9.6CVSS9.2AI score0.00049EPSS
cve
cve
added 2024/03/19 6:15 a.m.64 views

CVE-2024-26369

An issue in the HistoryQosPolicy component of FastDDS v2.12.x, v2.11.x, v2.10.x, and v2.6.x leads to a SIGABRT (signal abort) upon receiving DataWriter's data.

7.5CVSS6.7AI score0.00139EPSS
cve
cve
added 2023/10/16 9:15 p.m.60 views

CVE-2023-42459

Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). In affected versions specific DATA submessages can be sent to a discovery locator which may trigger a free error. This can remotely crash any Fast-DDS process. The call to free() c...

8.6CVSS7.9AI score0.00288EPSS
cve
cve
added 2025/01/09 3:15 p.m.56 views

CVE-2023-24010

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s validation. This is caused by a non-com...

8.2CVSS8.1AI score0.00065EPSS
cve
cve
added 2024/04/11 6:15 a.m.55 views

CVE-2024-30917

An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted history_depth parameter in DurabilityService QoS component.

5.5CVSS6.3AI score0.00051EPSS
cve
cve
added 2024/03/06 6:15 p.m.53 views

CVE-2023-50716

eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATA_FRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely ter...

9.8CVSS9.3AI score0.00829EPSS
cve
cve
added 2024/03/20 8:15 p.m.53 views

CVE-2024-28231

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the process to be terminated ...

9.6CVSS9.5AI score0.00188EPSS
cve
cve
added 2022/05/05 5:15 p.m.52 views

CVE-2021-38425

eProsima Fast DDS versions prior to 2.4.0 (#2269) are susceptible to exploitation when an attacker sends a specially crafted packet to flood a target device with unwanted traffic, which may result in a denial-of-service condition and information exposure.

9.1CVSS8.1AI score0.00054EPSS
cve
cve
added 2023/08/11 2:15 p.m.52 views

CVE-2023-39945

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5, a data submessage sent to PDP port raises unhandled BadParamException in fastcdr, which in turn crashes fastdds. Versions 2.11.0, 2...

8.2CVSS7.6AI score0.00067EPSS
cve
cve
added 2024/05/14 3:22 p.m.52 views

CVE-2024-30258

FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed RTPS packet, the subscriber crashes when creating pthread. This can remotely crash any Fast-...

8.2CVSS6.7AI score0.01297EPSS
cve
cve
added 2024/04/11 6:15 a.m.52 views

CVE-2024-30916

An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in DurabilityService QoS component.

7.1CVSS6.3AI score0.00048EPSS
cve
cve
added 2023/08/11 2:15 p.m.43 views

CVE-2023-39949

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9...

7.5CVSS7.5AI score0.00067EPSS
cve
cve
added 2025/02/11 4:15 p.m.42 views

CVE-2025-24807

eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, per design, PermissionsCA is not full chain validated, nor is the expiration date validated. Access cont...

7.1CVSS6.5AI score0.00025EPSS
cve
cve
added 2023/08/11 2:15 p.m.41 views

CVE-2023-39947

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, even after the fix at commit 3492270, malformed PID_PROPERTY_LIST parameters cause heap overflow at a different program counter. Th...

8.2CVSS7.8AI score0.00081EPSS
cve
cve
added 2023/08/11 2:15 p.m.40 views

CVE-2023-39534

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, a malformed GAP submessage can trigger assertion failure, crashing FastDDS. Version 2.10.0, 2.9.2, and 2.6.5 contain a patch for this issue...

7.5CVSS7.4AI score0.00068EPSS
cve
cve
added 2023/08/11 2:15 p.m.39 views

CVE-2023-39946

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, heap can be overflowed by providing a PID_PROPERTY_LIST parameter that contains a CDR string with length larger than the size of ac...

8.2CVSS7.6AI score0.00066EPSS
cve
cve
added 2024/05/14 3:22 p.m.36 views

CVE-2024-30259

FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed RTPS packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-D...

8.2CVSS7.2AI score0.01101EPSS
cve
cve
added 2023/08/11 2:15 p.m.34 views

CVE-2023-39948

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0 and 2.6.5, the BadParamException thrown by Fast CDR is not caught in Fast DDS. This can remotely crash any Fast DDS process. Versions 2.10.0 and 2.6.5 contain...

7.5CVSS7.4AI score0.00095EPSS