2 matches found
Design/Logic Flaw
An issue was discovered in the ROS communications-related packages aka roscomm or ros-melodic-ros-comm through 1.14.3. ROSASSERTMSG only works when ROSASSERTENABLED is defined. This leads to a problem in the remove function in clients/roscpp/src/libros/spinner.cpp. When ROSASSERTENABLED is not...
CVE-2019-13465
CVE-2019-13465 affects ROS communications-related packages (ros_comm/ros-melodic-ros-comm) through 1.14.3. The root cause is that ROS_ASSERT_MSG only works when ROS_ASSERT_ENABLED is defined; when not defined, the iterator loop in remove() (clients/roscpp/src/libros/spinner.cpp) can run out of th...