漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Integer Underflow in DDS_Security_Deserialize_ methods may lead to OOB read
Vulnerability Description
An integer underflow during deserialization may allow any unauthenticated user to read out of bounds heap memory. This may result into secret data or pointers revealing the layout of the address space to be included into a deserialized data structure, which may potentially lead to thread crashes or cause denial of service conditions.
CVSS Information
N/A
Vulnerability Type
整数下溢(超界折返)
Vulnerability Title
Eclipse Cyclone DDS 安全漏洞
Vulnerability Description
Eclipse Cyclone DDS是Eclipse基金会的一个非常高性能和健壮的开源 DDS 实现。 Eclipse Cyclone DDS 0.10.5之前版本存在安全漏洞,该漏洞源于反序列化过程中整数下溢,可能导致未经身份验证的用户读取越界堆内存,从而泄露秘密数据或指针,导致线程崩溃或拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A