There are 2 open security issues in bullseye.
2 issues left for the package maintainer to handle:
- CVE-2021-38441:
(needs triaging)
Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML parser.
- CVE-2021-38443:
(needs triaging)
Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write arbitrary values in the XML parser.
You can find information about how to handle these issues in the security team's documentation.