Описание
A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() function to process unsanitized, user-supplied input in the 'rosbag filter' command. This flaw enables attackers to craft and execute arbitrary Python code.
| Релиз | Статус | Примечание |
|---|---|---|
| ros-esm/xenial | released | 1.12.17+9 |
| upstream | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| ros-esm/bionic | released | 1.14.13+5 |
| upstream | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| ros-esm/focal/noetic | released | 1.17.4+2 |
| upstream | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/xenial | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE |
Показывать по
EPSS
7.8 High
CVSS3
Связанные уязвимости
A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() function to process unsanitized, user-supplied input in the 'rosbag filter' command. This flaw enables attackers to craft and execute arbitrary Python code.
A code execution vulnerability has been identified in the Robot Operat ...
A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() function to process unsanitized, user-supplied input in the 'rosbag filter' command. This flaw enables attackers to craft and execute arbitrary Python code.
EPSS
7.8 High
CVSS3