Opendds Security Vulnerabilities and Issues — Opendds CVE List

ObjectcomputingOpendds

8 matches found

CVE•added 2022/05/05 3:17 p.m.•67 views

CVE-2021-38445

CVE-2021-38445 affects OCI OpenDDS: versions prior to 3.18.1 do not handle a length parameter consistently with the actual data length, enabling remote code execution. The root cause is improper length handling in the OpenDDS data path, leading to potential arbitrary code execution on affected sy...

9.8CVSS8.5AI score0.00698EPSS

CVE•added 2022/05/05 3:18 p.m.•63 views

CVE-2021-38447

OCI OpenDDS prior to version 3.18.1 is vulnerable to a network amplification/DoS due to an attacker sending specially crafted packets, causing denial of service. Affected: OpenDDS (OCI) before 3.18.1. Root cause: improper handling that allows amplification and excessive network traffic. Impact: d...

8.6CVSS7.6AI score0.00097EPSS

CVE•added 2024/04/11 12:0 a.m.•57 views

CVE-2024-30915

OpenDDS (commit b1c534032bb62ad4ae32609778de6b8d6c823a66) contains a vulnerability in the DataReaderQoS component where the max_samples parameter can be abused by a local attacker to cause a denial of service and to obtain sensitive information. Affected product/line is OpenDDS; root cause tied t...

4.3CVSS6.5AI score0.00092EPSS

CVE•added 2022/05/05 3:26 p.m.•53 views

CVE-2021-38429

CVE-2021-38429 affects OCI OpenDDS: versions prior to 3.18.1 are vulnerable to a network amplification issue where a specially crafted packet can flood target devices, causing denial-of-service and information exposure. The ICS/CISA advisory explicitly notes mitigation by upgrading OpenDDS to ver...

9.1CVSS7.7AI score0.0006EPSS

CVE•added 2024/02/11 12:0 a.m.•53 views

CVE-2023-52427

OpenDDS up to version 3.27 contains a segmentation fault in DataWriter when resource_limits.max_samples is set to a large value. The issue is attributed to memory capacity being exceeded, with vendors noting the product isn’t designed to handle max_samples values that exceed system memory. The pu...

7.5CVSS7.5AI score0.00064EPSS

CVE•added 2023/02/03 8:8 p.m.•41 views

CVE-2023-23932

OpenDDS (C++ implementation of OMG DDS) is affected by CVE-2023-23932. The vulnerability involves processing of RTPS network input: untrusted, badly-formed input may cause OpenDDS applications to crash. Root cause details indicate the issue affected OpenDDS prior to version 3.23.1. Public referen...

7.5CVSS6.2AI score0.0041EPSS

CVE•added 2023/07/21 8:2 p.m.•41 views

CVE-2023-37915

OpenDDS (C++ implementation of OMG DDS) is affected by CVE-2023-37915 due to a vulnerability in parsing a malformed PID_PROPERTY_LIST within a DATA submessage during participant discovery. The underlying issue can cause remote crashes of OpenDDS processes when a crafted DATA submessage is sent to...

7.5CVSS7.5AI score0.00319EPSS

CVE•added 2025/12/23 12:0 a.m.•7 views

CVE-2025-67111

Vulnerability summary: CVE-2025-67111 affects OpenDDS DDS prior to 3.33.0. The issue is an integer overflow in the RTPS protocol implementation, enabling a Denial of Service via a crafted message. What’s affected: OpenDDS DDS (RTPS protocol implementation) before v3.33.0. Impact (as stated): Deni...

7.5CVSS6.6AI score0.00108EPSS