High severity8.6NVD Advisory· Published Dec 30, 2019· Updated Jun 17, 2026
CVE-2019-13465
CVE-2019-13465
Description
An issue was discovered in the ROS communications-related packages (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. ROS_ASSERT_MSG only works when ROS_ASSERT_ENABLED is defined. This leads to a problem in the remove() function in clients/roscpp/src/libros/spinner.cpp. When ROS_ASSERT_ENABLED is not defined, the iterator loop will run out of the scope of the array, and cause denial of service for other components (that depend on the communication-related functions of this package). NOTE: The reporter of this issue now believes it was a false alarm.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- ROS/ros_commdescription
- Range: <=1.14.3
Patches
Vulnerability mechanics
References
1- github.com/ros/ros_comm/issues/1748nvdThird Party Advisory
News mentions
0No linked articles in our index yet.