Описание
An insecure deserialization vulnerability has been identified in ROS2 Galactic Geochelone ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code and obtain sensitive information via crafted input to the Data Serialization and Deserialization Components, Inter-Process Communication Mechanisms, and Network Communication Interfaces.
An insecure deserialization vulnerability has been identified in ROS2 Galactic Geochelone ROS_VERSION 2 and ROS_PYTHON_VERSION 3, allows attackers to execute arbitrary code and obtain sensitive information via crafted input to the Data Serialization and Deserialization Components, Inter-Process Communication Mechanisms, and Network Communication Interfaces.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-30704
- https://github.com/yashpatelphd/CVE-2024-30704
- http://www.openwall.com/lists/oss-security/2024/04/23/2
- http://www.openwall.com/lists/oss-security/2024/04/23/3
- http://www.openwall.com/lists/oss-security/2024/04/23/4
- http://www.openwall.com/lists/oss-security/2024/04/23/5
CVE ID
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.