VYPR

Robotic Operating System 2 (ROS2)

by Open Robotics

CVEs (11)

  • CVE-2024-38920CriDec 5, 2024
    risk 0.59cvss 9.1epss 0.01

    Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggerd via remotely sending a request for change the value of dynamic-parameter`/amcl max_beams` .

  • CVE-2024-30963HigDec 5, 2024
    risk 0.51cvss 7.8epss 0.00

    Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via a crafted script.

  • CVE-2024-25197MedFeb 20, 2024
    risk 0.42cvss 6.5epss 0.01

    Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a NULL pointer dereference via the isCurrent() function at /src/layered_costmap.cpp.

  • CVE-2024-38927CriDec 6, 2024
    risk 0.00cvss 9.8epss 0.01

    Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter `/amcl do_beamskip`.

  • CVE-2024-38925CriDec 6, 2024
    risk 0.00cvss 9.8epss 0.01

    Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter`/amcl z_max` .

  • CVE-2024-38921CriDec 6, 2024
    risk 0.00cvss 9.8epss 0.01

    Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter`/amcl z_rand ` .

  • CVE-2024-30962HigDec 5, 2024
    risk 0.00cvss 7.8epss 0.00

    Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2_amcl process

  • CVE-2024-30961HigDec 5, 2024
    risk 0.00cvss 7.8epss 0.00

    Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2_bt_navigator.

  • CVE-2024-25199HigFeb 20, 2024
    risk 0.00cvss 8.1epss 0.01

    Inappropriate pointer order of map_sub_ and map_free(map_) (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free.

  • CVE-2024-25198CriFeb 20, 2024
    risk 0.00cvss 9.1epss 0.01

    Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free.

  • CVE-2024-25196LowFeb 20, 2024
    risk 0.00cvss 3.3epss 0.00

    Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_controller process. This vulnerability is triggerd via sending a crafted .yaml file.