Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

eProsima — Vulnerabilities & Security Advisories 23

Browse all 23 CVE security advisories affecting eProsima. AI-powered Chinese analysis, POCs, and references for each vulnerability.

eProsima specializes in developing open-source middleware solutions, primarily focused on the Data Distribution Service (DDS) standard for real-time, high-performance communication in IoT, robotics, and autonomous systems. The company’s software portfolio, including Fast DDS, has been associated with twenty-three recorded Common Vulnerabilities and Exposures (CVEs). Historically, these security issues predominantly involve memory corruption flaws, such as buffer overflows and use-after-free errors, which can lead to remote code execution or denial of service conditions. While cross-site scripting and privilege escalation are less common in this specific middleware context, the complexity of networked data handling introduces risks related to input validation and serialization. Notable incidents have highlighted the critical need for rigorous patch management in industrial control environments where eProsima’s technology is deployed. The firm actively collaborates with the community to address these vulnerabilities, emphasizing the importance of secure coding practices in distributed systems architecture.

Top products by eProsima: Fast-DDS Fast DDS DDS
CVE IDTitleCVSSSeverityPublished
CVE-2025-64438 Fast-DDS: Unbounded GAP range triggers OOM DoS under RELIABLE QoS — Fast-DDSCWE-835 7.5AIHighAI2026-02-03
CVE-2025-64098 FastDDS has Out-of-memory in readOctetVector via Manipulated DATA Submessage when DDS Security is enabled — Fast-DDSCWE-125 7.5AIHighAI2026-02-03
CVE-2025-62799 FastDDS's heap buffer overflow in RTPS DATA_FRAG enables unauthenticated DoS (potential RCE) — Fast-DDSCWE-122 9.8AICriticalAI2026-02-03
CVE-2025-62603 FastDDS has Out-of-memory while parsing GenericMessage when DDS Security is enabled — Fast-DDSCWE-125 9.8AICriticalAI2026-02-03
CVE-2025-62602 FastDDS has heap buffer overflow in readData via Manipulated DATA Submessage when DDS Security is enabled — Fast-DDSCWE-122 7.5AIHighAI2026-02-03
CVE-2025-62601 FastDDS has heap buffer overflow in readString via Manipulated DATA Submessage when DDS Security is enabled — Fast-DDSCWE-122 7.5AIHighAI2026-02-03
CVE-2025-62600 eprosima Fast DDS affected by Out-of-Memory in readBinaryPropertySeq via Manipulated DATA Submessage when DDS Security is enabled — Fast-DDSCWE-190 8.6 High2026-02-03
CVE-2025-62599 eprosima Fast DDS affected by Out-of-Memory in readPropertySeq via Manipulated DATA Submessage when DDS Security is enabled — Fast-DDSCWE-190 8.6 High2026-02-03
CVE-2025-24807 Fast DDS does not verify Permissions CA — Fast-DDSCWE-345 9.1 -2025-02-11
CVE-2023-24010 Data Distribution Service (DDS) Chain of Trust (CoT) violation in Fast DDS — DDSCWE-200 8.2 High2025-01-09
CVE-2024-30259 FastDDS heap buffer overflow when publisher sends malformed packet — Fast-DDSCWE-120 8.2 High2024-05-13
CVE-2024-30258 FastDDS crash when publisher send malformed packet — Fast-DDSCWE-20 8.2 High2024-05-13
CVE-2024-28231 Manipulated DATA Submessage causes a heap-buffer-overflow error — Fast-DDSCWE-122 9.7 Critical2024-03-20
CVE-2023-50716 Invalid DATA_FRAG Submessage causes a bad-free error — Fast-DDSCWE-416 9.7 Critical2024-03-06
CVE-2023-50257 Disconnect Vulnerability in RTPS Packets Used by SROS2 — Fast-DDSCWE-284 9.7 Critical2024-02-19
CVE-2023-42459 Malformed DATA submessage leads to bad-free error in Fast-DDS — Fast-DDSCWE-415 8.6 High2023-10-16
CVE-2023-39949 Improper validation of sequence numbers leading to remotely reachable assertion failure — Fast-DDSCWE-617 7.5 High2023-08-11
CVE-2023-39948 Uncaught fastcdr exception (Unexpected CDR type received) crashing fastdds — Fast-DDSCWE-248 7.5 High2023-08-11
CVE-2023-39947 Another heap overflow in push_back_helper — Fast-DDSCWE-122 8.2 High2023-08-11
CVE-2023-39946 Heap overflow in push_back_helper due to a CDR message — Fast-DDSCWE-122 8.2 High2023-08-11
CVE-2023-39945 Malformed serialized data in a data submessage leads to unhandled exception — Fast-DDSCWE-248 8.2 High2023-08-11
CVE-2023-39534 Malformed GAP submessage triggers assertion failure — Fast-DDSCWE-617 7.5 High2023-08-11
CVE-2021-38425 eProsima Fast DDS Network Amplification — Fast DDSCWE-406 7.5 High2022-05-05

This page lists every published CVE security advisory associated with eProsima. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.