VYPR
Vendor

Ros Navigation

Products
2
CVEs
22
Across products
22
Status
Private

Products

2

Recent CVEs

22
View all 22 CVEs →
  • CVE-2024-37863CriDec 5, 2024
    risk 0.64cvss 9.8epss 0.01

    Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_amcl process. This vulnerability is triggered via sending a crafted .yaml file.

  • CVE-2024-37861CriDec 5, 2024
    risk 0.64cvss 9.8epss 0.01

    Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_amcl process. This vulnerability is triggered via sending a crafted .yaml file.

  • CVE-2024-38920CriDec 5, 2024
    risk 0.59cvss 9.1epss 0.01

    Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggerd via remotely sending a request for change the value of dynamic-parameter`/amcl max_beams` .

  • CVE-2024-30963HigDec 5, 2024
    risk 0.51cvss 7.8epss 0.00

    Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via a crafted script.

  • CVE-2024-38910HigDec 5, 2024
    risk 0.49cvss 7.5epss 0.01

    Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a use-after-free in the nav2_amcl process. This vulnerability is triggered via sending a request to change dynamic parameters.

  • CVE-2024-37862HigDec 5, 2024
    risk 0.47cvss 7.3epss 0.00

    Buffer Overflow vulnerability in Open Robotic Robotic Operating System 2 ROS2 navigation2- ROS2-humble&& navigation2-humble allows a local attacker to execute arbitrary code via a crafted .yaml file to the nav2_planner process.

  • CVE-2024-37860HigDec 5, 2024
    risk 0.47cvss 7.3epss 0.00

    Buffer Overflow vulnerability in Open Robotic Operating System 2 ROS2 navigation2- ROS2-humble&& navigation2-humble allows a local attacker to execute arbitrary code via a crafted .yaml file to the nav2_amcl process

  • CVE-2024-30964HigDec 5, 2024
    risk 0.44cvss 7.8epss 0.00

    Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the initial_pose_sub thread created by nav2_bt_navigator

  • CVE-2024-25197MedFeb 20, 2024
    risk 0.42cvss 6.5epss 0.01

    Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a NULL pointer dereference via the isCurrent() function at /src/layered_costmap.cpp.

  • CVE-2023-30394MedMay 11, 2023
    risk 0.40cvss 6.1epss 0.01

    The MoveIt framework 1.1.11 for ROS allows cross-site scripting (XSS) via the API authentication function. NOTE: this issue is disputed by the original reporter because it has "no impact."

  • CVE-2026-26011Feb 12, 2026
    risk 0.00cvss epss 0.01

    navigation2 is a ROS 2 Navigation Framework and System. In 1.3.11 and earlier, a critical heap out-of-bounds write vulnerability exists in Nav2 AMCL's particle filter clustering logic. By publishing a single crafted geometry_msgs/PoseWithCovarianceStamped message with extreme…

  • CVE-2024-44856HigDec 6, 2024
    risk 0.00cvss 7.5epss 0.01

    Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component nav2_smac_planner().

  • CVE-2024-44855HigDec 6, 2024
    risk 0.00cvss 7.5epss 0.01

    Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component nav2_navfn_planner().

  • CVE-2024-44853HigDec 6, 2024
    risk 0.00cvss 7.5epss 0.01

    Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component computeControl().

  • CVE-2024-41650CriDec 6, 2024
    risk 0.00cvss 9.8epss 0.00

    Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_costmap_2d.

  • CVE-2024-41649CriDec 6, 2024
    risk 0.00cvss 9.8epss 0.01

    Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executor_thread_.

  • CVE-2024-41648CriDec 6, 2024
    risk 0.00cvss 9.8epss 0.00

    Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_regulated_pure_pursuit_controller.

  • CVE-2024-41645CriDec 6, 2024
    risk 0.00cvss 9.8epss 0.01

    Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2__amcl.

  • CVE-2024-41644CriDec 6, 2024
    risk 0.00cvss 9.8epss 0.01

    Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via the dyn_param_handler_ component.

  • CVE-2024-38924CriDec 6, 2024
    risk 0.00cvss 9.8epss 0.01

    Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter`/amcl laser_model_type` .