Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2019-13445

Published: 30/12/2019 Updated: 09/01/2020
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Ros

Vulnerability Summary

An issue exists in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) up to and including 1.14.3. parseOptions() in tools/rosbag/src/record.cpp has an integer overflow when a crafted split option can be entered on the command line.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ros ros-comm

Vendor Advisories

Debian CVElist Bug Report Logs: ros-ros-comm: CVE-2019-13445
Debian Bug report logs - #947947 ros-ros-comm: CVE-2019-13445 Package: src:ros-ros-comm; Maintainer for src:ros-ros-comm is Debian Science Maintainers <debian-science-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 2 Jan 2020 15:42:04 UTC Severity: important Tag ...

References

CWE-190https://github.com/ros/ros_comm/pull/1741https://github.com/ros/ros_comm/issues/1738https://github.com/ros/ros_comm/blob/melodic-devel/tools/rosbag/src/record.cpp#L129https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947947https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook