11 matches found
EUVD-2021-23720
Malware in sbrugna...
DEBIAN-CVE-2024-41148
A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python...
CVE-2024-41148 Unsafe use of eval() method in rostopic hz tool
A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python...
CVE-2024-39289 Unsafe use of eval() method in rosparam tool
A code execution vulnerability has been discovered in the Robot Operating System ROS 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability stems from the use of the eval function to process unsanitized, user-supplied parameter values via special converters fo...
PT-2025-29950 · Unknown +1 · Robot Operating System +1
Name of the Vulnerable Software and Affected Versions: Robot Operating System ROS versions prior to Noetic Ninjemys Description: A code execution issue exists in the 'rosparam' tool due to the use of the eval function with unsanitized, user-supplied parameter values. This occurs when processing...
CVE-2024-39780
A YAML deserialization vulnerability was found in the Robot Operating System ROS 'dynparam', a command-line tool for getting, setting, and deleting parameters of a dynamically configurable node, affecting ROS distributions Noetic and earlier. The issue is caused by the use of the yaml.load functi...
CVE-2021-37146
An infinite loop in Open Robotics roscomm XMLRPC server in ROS Melodic through 1.4.11 and ROS Noetic through1.15.11 allows remote attackers to cause a Denial of Service in roscomm via a crafted XMLRPC call...
Open redirect
An infinite loop in Open Robotics roscomm XMLRPC server in ROS Melodic through 1.4.11 and ROS Noetic through1.15.11 allows remote attackers to cause a Denial of Service in roscomm via a crafted XMLRPC call...
CVE-2021-37146
CVE-2021-37146 involves an infinite loop in the Open Robotics ros_comm XMLRPC server, affecting ROS Melodic <=1.4.11 and ROS Noetic
CVE-2021-37146
An infinite loop in Open Robotics roscomm XMLRPC server in ROS Melodic through 1.4.11 and ROS Noetic through1.15.11 allows remote attackers to cause a Denial of Service in roscomm via a crafted XMLRPC call...
CVE-2021-37146
An infinite loop in Open Robotics roscomm XMLRPC server in ROS Melodic through 1.4.11 and ROS Noetic through1.15.11 allows remote attackers to cause a Denial of Service in roscomm via a crafted XMLRPC call...