Nav2 安全漏洞

Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2, which stems from a buffer overflow vulnerability. A local attacker exploiting this vulnerability could execute arbitrary code via the nav2amcl process...

PT-2024-23568 · Ros2 · Ros2

Name of the Vulnerable Software and Affected Versions: ROS2 Iron Irwini versions ROS VERSION 2 and ROS PYTHON VERSION 3 Description: An insecure deserialization issue allows attackers to execute arbitrary code via a crafted input to the Data Serialization and Deserialization Components,...

PT-2024-22898 · Ros2 · Ros2

Name of the Vulnerable Software and Affected Versions: ROS2 Humble Hawksbill versions where ROS VERSION is 2 and ROS PYTHON VERSION is 3 Description: An unauthorized access issue has been discovered, potentially allowing a malicious user to gain unauthorized access to multiple ROS2 nodes remotely...

PT-2024-14064 · Ros2 · Ros2

Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 Foxy Fitzroy Description: An issue was discovered in shell command execution in ROS2, allowing an attacker to run arbitrary commands and cause other impacts. The issue is related to the ROS VERSION=2 and ROS PYTH...