{"id":"CVE-2023-23932","summary":"Specially crafted RTPS message may cause an OpenDDS application to crash","details":"OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1.","aliases":["GHSA-8wvq-25f5-f8h4"],"modified":"2026-04-16T04:11:02.846638Z","published":"2023-02-03T20:08:31.160Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/23xxx/CVE-2023-23932.json","cwe_ids":["CWE-248"],"cna_assigner":"GitHub_M"},"references":[{"type":"WEB","url":"https://github.com/OpenDDS/OpenDDS/releases/tag/DDS-3.23.1"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/23xxx/CVE-2023-23932.json"},{"type":"ADVISORY","url":"https://github.com/OpenDDS/OpenDDS/security/advisories/GHSA-8wvq-25f5-f8h4"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-23932"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/opendds/opendds","events":[{"introduced":"0"},{"fixed":"e5d2e5c960bafb199b7c9bc4a837918115855b33"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"fixed":"3.23.1"}],"source":["CPE_FIELD","REFERENCES"],"cpe":"cpe:2.3:a:objectcomputing:opendds:*:*:*:*:*:*:*:*"}}],"versions":["DDS-3.10","DDS-3.12","DDS-3.13","DDS-3.14","DDS-3.14-pre1","DDS-3.14-pre2","DDS-3.14-pre3","DDS-3.14-pre4","DDS-3.14-pre5","DDS-3.15","DDS-3.15-pre1","DDS-3.15-pre10","DDS-3.15-pre11","DDS-3.15-pre12","DDS-3.15-pre13","DDS-3.15-pre14","DDS-3.15-pre15","DDS-3.15-pre16","DDS-3.15-pre17","DDS-3.15-pre18","DDS-3.15-pre19","DDS-3.15-pre2","DDS-3.15-pre20","DDS-3.15-pre21","DDS-3.15-pre22","DDS-3.15-pre23","DDS-3.15-pre24","DDS-3.15-pre3","DDS-3.15-pre4","DDS-3.15-pre5","DDS-3.15-pre6","DDS-3.15-pre7","DDS-3.15-pre8","DDS-3.15-pre9","DDS-3.16","DDS-3.16-pre21","DDS-3.17","DDS-3.17-pre1","DDS-3.17-pre13","DDS-3.17-pre14","DDS-3.17-pre15","DDS-3.17-pre16","DDS-3.17-pre17","DDS-3.17-pre18","DDS-3.17-pre19","DDS-3.17-pre2","DDS-3.17-pre20","DDS-3.17-pre21","DDS-3.17-pre22","DDS-3.17-pre23","DDS-3.17-pre24","DDS-3.17-pre4","DDS-3.17-pre5","DDS-3.17-pre7","DDS-3.18","DDS-3.18-pre1","DDS-3.19","DDS-3.20","DDS-3.21","DDS-3.22","DDS-3.23","DDS-3.7","DDS-3.8","DDS-3.9","green-35","green-36","vxworks-pkgs-2210"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-23932.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}