Objectcomputing Opendds
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Objectcomputing Opendds.
By the Year
In 2026 there have been 0 vulnerabilities in Objectcomputing Opendds. Opendds did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 2 | 7.50 |
| 2023 | 2 | 7.50 |
| 2022 | 3 | 8.80 |
It may take a day or so for new Opendds vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Objectcomputing Opendds Security Vulnerabilities
OpenDDS Local DoS via DataReaderQoS max_samples
CVE-2024-30915
- April 11, 2024
An issue was discovered in OpenDDS commit b1c534032bb62ad4ae32609778de6b8d6c823a66, allows a local attacker to cause a denial of service and obtain sensitive information via the max_samples parameter within the DataReaderQoS component.
Segmentation fault in OpenDDS 3.27 DataWriter on large max_samples
CVE-2023-52427
7.5 - High
- February 11, 2024
In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resource_limits.max_samples. NOTE: the vendor's position is that the product is not designed to handle a max_samples value that is too large for the amount of memory on the system.
Allocation of Resources Without Limits or Throttling
OpenDDS Crash via Malformed PID_PROPERTY_LIST in DATA submsg (before 3.25)
CVE-2023-37915
7.5 - High
- July 21, 2023
OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS crashes while parsing a malformed `PID_PROPERTY_LIST` in a DATA submessage during participant discovery. Attackers can remotely crash OpenDDS processes by sending a DATA submessage containing the malformed parameter to the known multicast port. This issue has been addressed in version 3.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.
OpenDDS Crash via Malformed RTPS (Pre-3.23.1)
CVE-2023-23932
7.5 - High
- February 03, 2023
OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1.
OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic
CVE-2021-38447
7.5 - High
- May 05, 2022
OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition.
Amplification
OCI OpenDDS versions prior to 3.18.1 do not handle a length parameter consistent with the actual length of the associated data, which may
CVE-2021-38445
9.8 - Critical
- May 05, 2022
OCI OpenDDS versions prior to 3.18.1 do not handle a length parameter consistent with the actual length of the associated data, which may allow an attacker to remotely execute arbitrary code.
length manipulation
OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic
CVE-2021-38429
9.1 - Critical
- May 05, 2022
OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition and information exposure.
Network Amplification
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Objectcomputing Opendds or by Objectcomputing? Click the Watch button to subscribe.
