283 matches found
CVE-2024-39835 Unsafe use of eval() method in roslaunch tool
A code injection vulnerability has been identified in the Robot Operating System ROS 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval method to process user-supplied, unsanitized parameter values within the...
CVE-2024-39835 Unsafe use of eval() method in roslaunch tool
A code injection vulnerability has been identified in the Robot Operating System ROS 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval method to process user-supplied, unsanitized parameter values within the...
CVE-2024-39835
A code injection vulnerability has been identified in the Robot Operating System ROS 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval method to process user-supplied, unsanitized parameter values within the...
CVE-2024-39289
A code execution vulnerability has been discovered in the Robot Operating System ROS 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability stems from the use of the eval function to process unsanitized, user-supplied parameter values via special converters fo...
CVE-2024-39289
The CVE-2024-39289 entry concerns the ROS rosparam tool. Affected software: Robot Operating System (ROS) distributions Noetic Ninjemys and earlier, where rosparam processes unsanitized parameter values using special converters for angle representations in radians. Root cause: use of Python’s eval...
CVE-2024-39289 Unsafe use of eval() method in rosparam tool
A code execution vulnerability has been discovered in the Robot Operating System ROS 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability stems from the use of the eval function to process unsanitized, user-supplied parameter values via special converters fo...
Robot Operating System 代码注入漏洞
Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the hz verb of the rostopic tool using the eval function to process uncleaned user input, which could lead to the execution of arbitrary code...
Robot Operating System 代码注入漏洞
Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the rosparam tool's use of the eval function to process uncleaned user input, which could lead to the execution of arbitrary Python code...
PT-2025-29951 · Unknown +1 · Robot Operating System +1
Name of the Vulnerable Software and Affected Versions: Robot Operating System ROS versions prior to Noetic Ninjemys Description: A code injection issue exists in the 'roslaunch' command-line tool due to the use of the eval method to process unsanitized parameter values within the substitution arg...
PT-2025-29952 · Unknown +1 · Robot Operating System +1
Name of the Vulnerable Software and Affected Versions: Robot Operating System ROS versions prior to Noetic Ninjemys Description: A code injection issue exists in the 'rostopic' command-line tool. The vulnerability is located in the 'hz' verb, which uses the --filter option to accept a user-provid...
PT-2025-29950 · Unknown +1 · Robot Operating System +1
Name of the Vulnerable Software and Affected Versions: Robot Operating System ROS versions prior to Noetic Ninjemys Description: A code execution issue exists in the 'rosparam' tool due to the use of the eval function with unsanitized, user-supplied parameter values. This occurs when processing...
Robot Operating System 代码注入漏洞
Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the roslaunch tool's use of the eval method to process uncleaned user input, which could lead to the execution of arbitrary Python code...
Robot Operating System 安全漏洞
Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the echo verb of the rostopic tool using the eval function to process uncleared user input, which could lead to the execution of arbitrary code...
PT-2025-29953 · Unknown +1 · Robot Operating System +1
Name of the Vulnerable Software and Affected Versions: Robot Operating System ROS versions prior to Noetic Ninjemys Description: A code injection issue exists in the rostopic command-line tool within the Robot Operating System ROS. The vulnerability is located in the echo verb, which utilizes the...
Robot Operating System 安全漏洞
Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the rosbag tool's use of the eval function to process uncleaned user input, which could lead to the execution of arbitrary Python code...
CVE-2024-30961
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2btnavigator...
CVE-2024-30964
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the initialposesub thread created by nav2btnavigator...
CVE-2024-30962
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...
CVE-2024-38927
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter /amcl dobeamskip...
CVE-2024-38923
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl odomframeid...