Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-13465

Опубликовано: 30 дек. 2019
Источник: ubuntu
Приоритет: medium
CVSS2: 5
CVSS3: 8.6

Описание

An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. ROS_ASSERT_MSG only works when ROS_ASSERT_ENABLED is defined. This leads to a problem in the remove() function in clients/roscpp/src/libros/spinner.cpp. When ROS_ASSERT_ENABLED is not defined, the iterator loop will run out of the scope of the array, and cause denial of service for other components (that depend on the communication-related functions of this package). NOTE: The reporter of this issue now believes it was a false alarm.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

not-affected

1.14.3+ds1-11
esm-apps/jammy

not-affected

1.14.3+ds1-11
esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

focal

not-affected

1.14.3+ds1-11

Показывать по

Ссылки на источники

5 Medium

CVSS2

8.6 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2019-13465

CVSS3: 8.6
nvd
около 6 лет назад

An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. ROS_ASSERT_MSG only works when ROS_ASSERT_ENABLED is defined. This leads to a problem in the remove() function in clients/roscpp/src/libros/spinner.cpp. When ROS_ASSERT_ENABLED is not defined, the iterator loop will run out of the scope of the array, and cause denial of service for other components (that depend on the communication-related functions of this package). NOTE: The reporter of this issue now believes it was a false alarm.

debian логотип

CVE-2019-13465

CVSS3: 8.6
debian
около 6 лет назад

An issue was discovered in the ROS communications-related packages (ak ...

github логотип

GHSA-4cwx-xrxh-9ff7

github
больше 3 лет назад

An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. ROS_ASSERT_MSG only works when ROS_ASSERT_ENABLED is defined. This leads to a problem in the remove() function in clients/roscpp/src/libros/spinner.cpp. When ROS_ASSERT_ENABLED is not defined, the iterator loop will run out of the scope of the array, and cause denial of service for other components (that depend on the communication-related functions of this package).

5 Medium

CVSS2

8.6 High

CVSS3