CVE-2023-37915

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-37915

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-37915.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-37915

Related

GHSA-v5pp-7prc-5xq9

Published

2023-07-21T21:15:11Z

Modified

2025-07-01T15:00:04.651829Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS crashes while parsing a malformed PID_PROPERTY_LIST in a DATA submessage during participant discovery. Attackers can remotely crash OpenDDS processes by sending a DATA submessage containing the malformed parameter to the known multicast port. This issue has been addressed in version 3.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.

References

Affected packages

Git / github.com/opendds/opendds

Affected ranges

Type: GIT
Repo: https://github.com/opendds/opendds
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

2038b660f2037fb0758dbf106005d77f3b2d52f8

Affected versions

DDS-3.*

DDS-3.10

DDS-3.11

DDS-3.12

DDS-3.13

DDS-3.13.1

DDS-3.14

DDS-3.14-pre1

DDS-3.14-pre2

DDS-3.14-pre3

DDS-3.14-pre4

DDS-3.14-pre5

DDS-3.15

DDS-3.15-pre1

DDS-3.15-pre10

DDS-3.15-pre11

DDS-3.15-pre12

DDS-3.15-pre13

DDS-3.15-pre14

DDS-3.15-pre15

DDS-3.15-pre16

DDS-3.15-pre17

DDS-3.15-pre18

DDS-3.15-pre19

DDS-3.15-pre2

DDS-3.15-pre20

DDS-3.15-pre21

DDS-3.15-pre22

DDS-3.15-pre23

DDS-3.15-pre24

DDS-3.15-pre3

DDS-3.15-pre4

DDS-3.15-pre5

DDS-3.15-pre6

DDS-3.15-pre7

DDS-3.15-pre8

DDS-3.15-pre9

DDS-3.16

DDS-3.16-pre1

DDS-3.16-pre10

DDS-3.16-pre11

DDS-3.16-pre12

DDS-3.16-pre13

DDS-3.16-pre14

DDS-3.16-pre15

DDS-3.16-pre15a

DDS-3.16-pre16

DDS-3.16-pre17

DDS-3.16-pre18

DDS-3.16-pre2

DDS-3.16-pre20

DDS-3.16-pre21

DDS-3.16-pre3

DDS-3.16-pre4

DDS-3.16-pre5

DDS-3.16-pre6

DDS-3.16-pre7

DDS-3.16-pre8

DDS-3.16-pre9

DDS-3.17

DDS-3.17-pre1

DDS-3.17-pre10

DDS-3.17-pre13

DDS-3.17-pre14

DDS-3.17-pre15

DDS-3.17-pre16

DDS-3.17-pre17

DDS-3.17-pre17f

DDS-3.17-pre17g

DDS-3.17-pre18

DDS-3.17-pre19

DDS-3.17-pre2

DDS-3.17-pre20

DDS-3.17-pre21

DDS-3.17-pre22

DDS-3.17-pre23

DDS-3.17-pre24

DDS-3.17-pre3

DDS-3.17-pre4

DDS-3.17-pre5

DDS-3.17-pre6

DDS-3.17-pre6z

DDS-3.17-pre7

DDS-3.17-pre7a

DDS-3.17-pre7b

DDS-3.17-pre8

DDS-3.17-pre8a

DDS-3.17-pre8b

DDS-3.17-pre8c

DDS-3.17-pre8d

DDS-3.17-pre9

DDS-3.17-pre9a

DDS-3.18

DDS-3.18-pre1

DDS-3.18-pre2

DDS-3.18-pre3

DDS-3.18-pre4

DDS-3.18-pre6

DDS-3.18-pre8

DDS-3.19

DDS-3.20

DDS-3.21

DDS-3.22

DDS-3.23

DDS-3.24

DDS-3.6

DDS-3.7

DDS-3.8

DDS-3.9

Other

SBIR-FunctionalPrototype

green-35

green-36

green-37

green-38

green-39

vxworks-pkgs-2210

xtypes-20200512