First published: Thu May 05 2022(Updated: )
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Eclipse CycloneDDS | <0.8.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-38443 is a vulnerability in Eclipse CycloneDDS versions prior to 0.8.0 that allows an attacker to write arbitrary values in the XML parser.
CVE-2021-38443 has a severity level of critical with a CVSS score of 9.8.
Eclipse CycloneDDS versions up to but not including 0.8.0 are affected by CVE-2021-38443.
The CWE for CVE-2021-38443 is 228.
You can find more information about CVE-2021-38443 on the Eclipse CycloneDDS project page and the US-CERT advisory page.