Fast Dds Security Vulnerabilities and Issues — Fast Dds CVE List

Lucene search

EprosimaFast Dds

8 matches found

CVE•added 2024/02/19 8:15 p.m.•74 views

CVE-2023-50257

eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (p[UD]) and guid values used to disconnect between nodes are not encrypted, a vulnerability ha...

9.6CVSS9.2AI score0.00049EPSS

CVE•added 2024/03/19 6:15 a.m.•64 views

CVE-2024-26369

An issue in the HistoryQosPolicy component of FastDDS v2.12.x, v2.11.x, v2.10.x, and v2.6.x leads to a SIGABRT (signal abort) upon receiving DataWriter's data.

7.5CVSS6.7AI score0.00139EPSS

CVE•added 2024/04/11 6:15 a.m.•55 views

CVE-2024-30917

An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted history_depth parameter in DurabilityService QoS component.

5.5CVSS6.3AI score0.00051EPSS

CVE•added 2024/03/06 6:15 p.m.•53 views

CVE-2023-50716

eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATA_FRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely ter...

9.8CVSS9.3AI score0.01123EPSS

CVE•added 2024/03/20 8:15 p.m.•53 views

CVE-2024-28231

eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the process to be terminated ...

9.6CVSS9.5AI score0.00188EPSS

CVE•added 2024/05/14 3:22 p.m.•52 views

CVE-2024-30258

FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed RTPS packet, the subscriber crashes when creating pthread. This can remotely crash any Fast-...

8.2CVSS6.7AI score0.01297EPSS

CVE•added 2024/04/11 6:15 a.m.•52 views

CVE-2024-30916

An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in DurabilityService QoS component.

7.1CVSS6.3AI score0.00048EPSS

CVE•added 2024/05/14 3:22 p.m.•36 views

CVE-2024-30259

FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed RTPS packet, heap buffer overflow occurs on the subscriber. This can remotely crash any Fast-D...

8.2CVSS7.2AI score0.01101EPSS