153 matches found
CVE-2024-41649
CVE-2024-41649 affects the ROS 2 navigation2 component (v.humble) of Open Robotics ROS 2. The issue is an Insecure Permissions vulnerability that allows an attacker to execute arbitrary code via a crafted script to the executor_thread_. Root cause stated as insecure permissions. Impact is indicat...
CVE-2024-41647
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2mppicontroller...
CVE-2024-41644
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via the dynparamhandler component...
CVE-2024-38926
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter /amcl zshort...
CVE-2024-44852
CVE-2024-44852 affects Open Robotics ROS2 navigation2 ( Humble ). The vulnerability is a segmentation violation in theta_star::ThetaStar::isUnsafeToPlan(), as described in multiple sources (NVD/Red Hat/CNNVD/CVELIST). CVSS vectors indicate network attack, low complexity with no privileges or user...
CVE-2024-41644
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via the dynparamhandler component...
CVE-2024-41645
CVE-2024-41645 affects Open Robotics ROS 2 navigation2 (v.humble) — insecure permissions in the nav2__amcl component permit executing arbitrary code via a crafted script. The issue is described across multiple sources (including Red Hat and NVD listings) as a high-severity, network-based vulnerab...
CVE-2024-41646
The CVE-2024-41646 entry concerns the Open Robotics ROS2 Navigation2 (v.humble) insecure permissions issue in the nav2_dwb_controller. The root cause is insecure permissions that may allow an attacker to execute arbitrary code, with a network attack vector and no user interaction required. Impact...
CVE-2024-38923
Open Robotics ROS2 Humble and Nav2 Humble contain a use-after-free in the nav2_amcl process. The issue is triggered by a remote request to modify the dynamic parameter /amcl_odom_frame_id, enabling an attacker over the network to potentially compromise the affected system. CVSS indicates CRITICAL...
CVE-2024-38927
ROS2 (Humble) and Nav2 humble include a use-after-free in the nav2_amcl process, exploitable by remotely changing the dynamic parameter /amcl do_beamskip. This vulnerability affects the nav2_amcl path and is rated critical. PT-/security advisories suggest interim mitigations: disable the nav2_amc...
CVE-2024-38923
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl odomframeid...
CVE-2024-41645
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2amcl...
CVE-2024-44854
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component smoothPlan...
CVE-2024-38924
Open Robotics ROS 2 (ROS2) and Nav2 Humble contain a use-after-free in the nav2_amcl process. The vulnerability is triggered by remotely changing the dynamic parameter /amcl_laser_model_type, enabling memory corruption through a crafted request. Affected components include the nav2_amcl workflow ...
CVE-2024-38924
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl lasermodeltype...
CVE-2024-38910
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a use-after-free in the nav2amcl process. This vulnerability is triggered via sending a request to change dynamic parameters...
CVE-2024-38920
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggerd via remotely sending a request for change the value of dynamic-parameter/amcl maxbeams...
CVE-2024-30963
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via a crafted script...
CVE-2024-37863
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a buffer overflow via the nav2amcl process. This vulnerability is triggered via sending a crafted .yaml file...
CVE-2024-37863
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a buffer overflow via the nav2amcl process. This vulnerability is triggered via sending a crafted .yaml file...