Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML parser.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2021-24893 | Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML parser. |
Fixes
Solution
Eclipse recommends users apply the latest CycloneDDS patches. https://projects.eclipse.org/projects/iot.cyclonedds
Workaround
No workaround given by the vendor.
References
History
Wed, 16 Apr 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: icscert
Published:
Updated: 2025-04-16T16:24:09.254Z
Reserved: 2021-08-10T00:00:00.000Z
Link: CVE-2021-38441

Updated: 2024-08-04T01:44:22.398Z

Status : Modified
Published: 2022-05-05T17:15:09.537
Modified: 2024-11-21T06:17:06.500
Link: CVE-2021-38441

No data.

No data.