6 matches found
EUVD-2021-18770
Malware in sbrugna...
EUVD-2015-7734
Malware in sbrugna...
EUVD-2023-34814
Malicious code in bioql PyPI...
CVE-2024-41921 Unsafe use of eval() method in rostopic echo tool
A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'echo' verb, which allows a user to introspect a ROS topic and accepts a user-provided Python...
CVE-2024-39835
CVE-2024-39835 affects the Robot Operating System (ROS) roslaunch tool in Noetic Ninjemys and earlier. The root cause is the use of eval() to process user-supplied, unsanitized parameter values in the substitution args mechanism, which roslaunch evaluates before launching a node. This leads to a ...
DEBIAN-CVE-2024-39780
A YAML deserialization vulnerability was found in the Robot Operating System ROS 'dynparam', a command-line tool for getting, setting, and deleting parameters of a dynamically configurable node, affecting ROS distributions Noetic and earlier. The issue is caused by the use of the yaml.load functi...