Fast Dds Security Vulnerabilities and Issues — Fast Dds CVE List

Lucene search

EprosimaFast Dds

7 matches found

CVE•added 2023/10/16 9:15 p.m.•60 views

CVE-2023-42459

Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). In affected versions specific DATA submessages can be sent to a discovery locator which may trigger a free error. This can remotely crash any Fast-DDS process. The call to free() c...

8.6CVSS7.9AI score0.00288EPSS

CVE•added 2025/01/09 3:15 p.m.•56 views

CVE-2023-24010

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s validation. This is caused by a non-com...

8.2CVSS8.1AI score0.00065EPSS

CVE•added 2023/08/11 2:15 p.m.•52 views

CVE-2023-39945

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5, a data submessage sent to PDP port raises unhandled BadParamException in fastcdr, which in turn crashes fastdds. Versions 2.11.0, 2...

8.2CVSS7.6AI score0.00067EPSS

CVE•added 2024/05/14 3:22 p.m.•52 views

CVE-2024-30258

FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed RTPS packet, the subscriber crashes when creating pthread. This can remotely crash any Fast-...

8.2CVSS6.7AI score0.01297EPSS

CVE•added 2023/08/11 2:15 p.m.•41 views

CVE-2023-39947

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, even after the fix at commit 3492270, malformed PID_PROPERTY_LIST parameters cause heap overflow at a different program counter. Th...

8.2CVSS7.8AI score0.00081EPSS

CVE•added 2023/08/11 2:15 p.m.•39 views

CVE-2023-39946

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and 2.6.6, heap can be overflowed by providing a PID_PROPERTY_LIST parameter that contains a CDR string with length larger than the size of ac...

8.2CVSS7.6AI score0.00066EPSS

CVE•added 2024/05/14 3:22 p.m.•36 views

CVE-2024-30259

FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed RTPS packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-D...

8.2CVSS7.2AI score0.01101EPSS