eProsima Fast DDS 2.6.8

CPE Details

eProsima Fast DDS 2.6.8
eprosima
fast_dds
2.6.8
2025-01-07
19h38 +00:00
2025-01-07
19h38 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:eprosima:fast_dds:2.6.8:*:*:*:*:*:*:*

Informations

Vendor

eprosima

Product

fast_dds

Version

2.6.8

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-24807 2025-02-11 15h31 +00:00 eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, per design, PermissionsCA is not full chain validated, nor is the expiration date validated. Access control plugin validates only the S/MIME signature which causes an expired PermissionsCA to be taken as valid. Even though this issue is responsible for allowing `governance/permissions` from an expired PermissionsCA and having the system crash when PermissionsCA is not self-signed and contains the full-chain, the impact is low. Versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0 contain a fix for the issue.
4.5
Medium
CVE-2024-30916 2024-04-11 00h00 +00:00 An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in DurabilityService QoS component.
7.1
High