CNNVD-202507-2348 Information

CNNVD ID

CNNVD-202507-2348

Related CVE

CVE-2025-3753

• CNNVD Published: 2025-07-17

Description (Chinese)

Robot Operating System是ROS 2开源的机器人的元操作系统。 Robot Operating System存在安全漏洞，该漏洞源于rosbag工具使用eval函数处理未清理的用户输入，可能导致执行任意Python代码。

Description (English)

Robot Operation System is a meta-working system for robots from the open source of ROS 2. There is a security loophole in the Robot Operation System, which stems from the use of the eval function in the rosebag tool to process uncleaned user input, which may result in the implementation of any Python code.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

ROS 2

Published

2025-07-17

Last Modified

2026-02-24

References

https://www.ros.org/blog/noetic-eol/ https://nvd.nist.gov/vuln/detail/CVE-2025-3753

Patch

https://github.com/ros2/ros2/releases