eProsima

4 exploits Active since Aug 2023
CVE-2023-39534 WRITEUP HIGH WRITEUP
Eprosima Fast Dds < 2.6.5 - Reachable Assertion
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.10.0, 2.9.2, and 2.6.5, a malformed GAP submessage can trigger assertion failure, crashing FastDDS. Version 2.10.0, 2.9.2, and 2.6.5 contain a patch for this issue.
CVSS 7.5
CVE-2023-39945 WRITEUP HIGH WRITEUP
eprosima Fast DDS <2.11.0-2.6.5 - Crash
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5, a data submessage sent to PDP port raises unhandled `BadParamException` in fastcdr, which in turn crashes fastdds. Versions 2.11.0, 2.10.2, 2.9.2, and 2.6.5 contain a patch for this issue.
CVSS 8.2
CVE-2023-39949 WRITEUP HIGH WRITEUP
Eprosima Fast Dds < 2.6.5 - Reachable Assertion
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper validation of sequence numbers may lead to remotely reachable assertion failure. This can remotely crash any Fast-DDS process. Versions 2.9.1 and 2.6.5 contain a patch for this issue.
CVSS 7.5
CVE-2025-63829 WRITEUP HIGH WRITEUP
eProsima Fast-DDS <v3.3 - Memory Corruption
eProsima Fast-DDS v3.3 and before has an infinite loop vulnerability caused by integer overflow in the Time_t:: fraction() function.
CVSS 7.5