Описание
Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML parser.
Ссылки
- Product
- Third Party AdvisoryUS Government Resource
- Product
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 0.8.0 (исключая)
cpe:2.3:a:eclipse:cyclonedds:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00161
Низкий
6.6 Medium
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-123
Связанные уязвимости
CVSS3: 6.6
ubuntu
почти 4 года назад
Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML parser.
CVSS3: 6.6
debian
почти 4 года назад
Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-w ...
CVSS3: 9.8
github
почти 4 года назад
Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML parser.
EPSS
Процентиль: 37%
0.00161
Низкий
6.6 Medium
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-123