Eclipse CycloneDDS versions before 0.8.0 improperly handle invalid structures, which may allow an malicious user to write arbitrary values in the XML parser.
eclipse cyclonedds