CNNVD-202507-2336 Information

CNNVD ID

CNNVD-202507-2336

Related CVE

CVE-2024-39835

• CNNVD Published: 2025-07-17

Description (Chinese)

Robot Operating System是ROS 2开源的机器人的元操作系统。 Robot Operating System存在安全漏洞，该漏洞源于roslaunch工具使用eval方法处理未清理的用户输入，可能导致执行任意Python代码。

Description (English)

Robot Operation System is a meta-working system for robots from the open source of ROS 2. There is a security loophole in the Robot Operation System, which stems from the use of the eval method of the Roselanch tool to process uncleaned user input, which may result in the implementation of any Python code.

Hazard Level

Medium

Vulnerability Type

代码注入

Affected Vendor

ROS 2

Published

2025-07-17

Last Modified

2026-02-24

References

https://www.ros.org/blog/noetic-eol/ https://nvd.nist.gov/vuln/detail/CVE-2024-39835

Patch

https://github.com/ros2/ros2/releases