Vulnerability Details CVE-2021-38445
OCI OpenDDS versions prior to 3.18.1 do not handle a length parameter consistent with the actual length of the associated data, which may allow an attacker to remotely execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.026
EPSS Ranking 83.4%
CVSS Severity
CVSS v3 Score 7.0
CVSS v2 Score 7.5
Products affected by CVE-2021-38445
-
cpe:2.3:a:objectcomputing:opendds:-
-
cpe:2.3:a:objectcomputing:opendds:0.10
-
cpe:2.3:a:objectcomputing:opendds:0.11
-
cpe:2.3:a:objectcomputing:opendds:0.12
-
cpe:2.3:a:objectcomputing:opendds:0.5
-
cpe:2.3:a:objectcomputing:opendds:0.6
-
cpe:2.3:a:objectcomputing:opendds:0.7
-
cpe:2.3:a:objectcomputing:opendds:0.8
-
cpe:2.3:a:objectcomputing:opendds:0.9
-
cpe:2.3:a:objectcomputing:opendds:1.0
-
cpe:2.3:a:objectcomputing:opendds:1.1
-
cpe:2.3:a:objectcomputing:opendds:1.2
-
cpe:2.3:a:objectcomputing:opendds:1.3
-
cpe:2.3:a:objectcomputing:opendds:2.0
-
cpe:2.3:a:objectcomputing:opendds:2.0.1
-
cpe:2.3:a:objectcomputing:opendds:2.1
-
cpe:2.3:a:objectcomputing:opendds:2.1.1
-
cpe:2.3:a:objectcomputing:opendds:2.1.2
-
cpe:2.3:a:objectcomputing:opendds:2.1.3
-
cpe:2.3:a:objectcomputing:opendds:2.2
-
cpe:2.3:a:objectcomputing:opendds:2.3
-
cpe:2.3:a:objectcomputing:opendds:2.4
-
cpe:2.3:a:objectcomputing:opendds:3.0
-
cpe:2.3:a:objectcomputing:opendds:3.0.1
-
cpe:2.3:a:objectcomputing:opendds:3.1
-
cpe:2.3:a:objectcomputing:opendds:3.10
-
cpe:2.3:a:objectcomputing:opendds:3.11
-
cpe:2.3:a:objectcomputing:opendds:3.12
-
cpe:2.3:a:objectcomputing:opendds:3.13
-
cpe:2.3:a:objectcomputing:opendds:3.13.1
-
cpe:2.3:a:objectcomputing:opendds:3.13.2
-
cpe:2.3:a:objectcomputing:opendds:3.13.3
-
cpe:2.3:a:objectcomputing:opendds:3.14
-
cpe:2.3:a:objectcomputing:opendds:3.14.1
-
cpe:2.3:a:objectcomputing:opendds:3.15
-
cpe:2.3:a:objectcomputing:opendds:3.16
-
cpe:2.3:a:objectcomputing:opendds:3.17.0
-
cpe:2.3:a:objectcomputing:opendds:3.18.0
-
cpe:2.3:a:objectcomputing:opendds:3.2
-
cpe:2.3:a:objectcomputing:opendds:3.3
-
cpe:2.3:a:objectcomputing:opendds:3.4
-
cpe:2.3:a:objectcomputing:opendds:3.4.1
-
cpe:2.3:a:objectcomputing:opendds:3.5
-
cpe:2.3:a:objectcomputing:opendds:3.5.1
-
cpe:2.3:a:objectcomputing:opendds:3.6
-
cpe:2.3:a:objectcomputing:opendds:3.7
-
cpe:2.3:a:objectcomputing:opendds:3.8
-
cpe:2.3:a:objectcomputing:opendds:3.9