CNNVD-202507-2334 Information

CNNVD ID

CNNVD-202507-2334

Related CVE

CVE-2024-39289

• CNNVD Published: 2025-07-17

Description (Chinese)

Robot Operating System是ROS 2开源的机器人的元操作系统。 Robot Operating System存在安全漏洞，该漏洞源于rosparam工具使用eval函数处理未清理的用户输入，可能导致执行任意Python代码。

Description (English)

Robot Operation System is a meta-working system for robots from the open source of ROS 2. There is a security loophole in the Robot Operation System, which stems from the use of the eval function of the Roseparam tool to process uncleaned user input, which may result in the implementation of any Python code.

Hazard Level

Medium

Vulnerability Type

代码注入

Affected Vendor

ROS 2

Published

2025-07-17

Last Modified

2026-02-24

References

https://www.ros.org/blog/noetic-eol/ https://nvd.nist.gov/vuln/detail/CVE-2024-39289

Patch

https://github.com/ros2/ros2/releases