CNNVD-202507-2337 Information

CNNVD ID

CNNVD-202507-2337

Related CVE

CVE-2024-41148

• CNNVD Published: 2025-07-17

Description (Chinese)

Robot Operating System是ROS 2开源的机器人的元操作系统。 Robot Operating System存在安全漏洞，该漏洞源于rostopic工具的hz动词使用eval函数处理未清理的用户输入，可能导致执行任意代码。

Description (English)

Robot Operation System is a meta-working system for robots from the open source of ROS 2. There is a security loophole in Robot Operation System, which stems from the verb hz of the rosetopic tool, which uses the eval function to process uncleaned user input, which may result in the execution of any code.

Hazard Level

Medium

Vulnerability Type

代码注入

Affected Vendor

ROS 2

Published

2025-07-17

Last Modified

2026-02-24

References

https://www.ros.org/blog/noetic-eol/ https://nvd.nist.gov/vuln/detail/CVE-2024-41148

Patch

https://github.com/ros2/ros2/releases