153 matches found
CVE-2024-38924
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl lasermodeltype...
CVE-2024-38922
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a heap overflow in the nav2amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose...
CVE-2024-38923
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl odomframeid...
CVE-2024-38921
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter/amcl zrand...
CVE-2024-41647
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2mppicontroller...
CVE-2024-41649
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executorthread...
CVE-2024-41650
CVE-2024-41650 concerns an Insecure Permissions vulnerability in Open Robotics’ ROS 2 navigation2 (v.humble) affecting the nav2_costmap_2d component. The issue enables an attacker to execute arbitrary code via a crafted script, with impact stated as high for confidentiality and integrity and high...
CVE-2024-41645
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2amcl...
CVE-2024-41648
CVE-2024-41648 concerns Open Robotics’ ROS 2 Navigation2 on the Humble release. The vulnerability arises from insecure permissions in the nav2_regulated_pure_pursuit_controller, enabling an attacker to execute arbitrary code by supplying a crafted script. Affected software: ROS 2 Navigation2 (nav...
CVE-2024-38927
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter /amcl dobeamskip...
CVE-2024-41647
CVE-2024-41647 affects Open Robotics ROS2 navigation2 (v.humble) with an insecure permissions issue in the navigation2 package, specifically the nav2_mppi_controller. The root cause is improper permission controls that could allow an attacker to execute arbitrary code via a crafted script sent to...
CVE-2024-41650
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2costmap2d...
CVE-2024-41649
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executorthread...
CVE-2024-41644
CVE-2024-41644 affects Open Robotics ROS 2 navigation2 (Humble) via the dyn_param_handler_ component. The documented vulnerability is an insecure permissions flaw that allows an attacker to execute arbitrary code. Across sources (NVD, Red Hat, CNNVD, CVE listings), the CVSS‑3.1 base score is 9.8 ...
CVE-2024-41650
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2costmap2d...
CVE-2024-41648
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2regulatedpurepursuitcontroller...
CVE-2024-41646
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2dwbcontroller...
PT-2024-29479 · Open Robotics · Ros2
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 navigation2 version humble Description: The issue is related to insecure permissions in the navigation2 package of ROS2, specifically affecting the nav2 mppi controller. This allows an attacker to...
CVE-2024-41646
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2dwbcontroller...
CVE-2024-44853
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component computeControl...