CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38443 – Eclipse CycloneDDS Improper Handling of Syntactically Invalid Structure
https://notcve.org/view.php?id=CVE-2021-38443
Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write arbitrary values in the XML parser. Eclipse CycloneDDS versiones anteriores a 0.8.0, manejan inapropiadamente las estructuras no válidas, lo que puede permitir a un atacante escribir valores arbitrarios en el analizador XML • https://projects.eclipse.org/projects/iot.cyclonedds https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02 • CWE-228: Improper Handling of Syntactically Invalid Structure •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38441 – Eclipse CycloneDDS Write-what-where Condition
https://notcve.org/view.php?id=CVE-2021-38441
Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML parser. Eclipse CycloneDDS versiones anteriores a 0.8.0, son vulnerables a una condición de escritura en cualquier lugar, lo que puede permitir a un atacante escribir valores arbitrarios en el analizador XML • https://projects.eclipse.org/projects/iot.cyclonedds https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02 • CWE-123: Write-what-where Condition •