Eclipse: >> Cyclone Data Distribution Service Security Vulnerabilities
An integer underflow during deserialization may allow any unauthenticated user to read out of bounds heap memory. This may result into secret data or pointers revealing the layout of the address space to be included into a deserialized data structure, which may potentially lead to thread crashes or cause denial of service conditions.
CVSS Score
9.1
EPSS Score
0.009
Published
2025-03-12
A stack buffer overflow in /ddsi/q_bitset.h of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-08-23
A heap buffer overflow in /src/dds_stream.c of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash.
CVSS Score
7.5
EPSS Score
0.006
Published
2021-08-23