Vulnerabilities > Eclipse > Cyclonedds > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-05-05 CVE-2021-38443 Improper Handling of Syntactically Invalid Structure vulnerability in Eclipse Cyclonedds
Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write arbitrary values in the XML parser.
network
low complexity
eclipse CWE-228
critical
 9.8
9.8
2022-05-05 CVE-2021-38441 Write-what-where Condition vulnerability in Eclipse Cyclonedds
Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML parser.
network
low complexity
eclipse CWE-123
critical
 9.8
9.8