13 matches found
CVE-2024-38910
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a use-after-free in the nav2amcl process. This vulnerability is triggered via sending a request to change dynamic parameters...
CVE-2024-38927
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter /amcl dobeamskip...
CVE-2024-38926
CVE-2024-38926 affects the ROS 2 ecosystem (ROS 2 Humble and Nav2 Humble) and is due to a use-after-free in the nav2_amcl process. The vulnerability is triggered by remotely sending a request to change the dynamic-parameter /amcl z_short, indicating a remote-access impact vector. The CVSS v3.1 me...
CVE-2024-38925
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter/amcl zmax...
CVE-2024-38922
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a heap overflow in the nav2amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose...
CVE-2024-38923
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter/amcl odomframeid...
CVE-2024-38921
CVE-2024-38921 affects ROS 2 / Nav2 Humble, with a use-after-free in the nav2_amcl process triggered by a remote request to change the value of the dynamic parameter /amcl z_rand. Affected components: Open Robotics ROS 2 and Nav2 humble versions; root cause described as use-after-free in nav2_amc...
CVE-2024-38927
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter /amcl dobeamskip...
CVE-2024-30962
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2amcl process...
CVE-2024-37863
CVE-2024-37863 affects Open Robotics ROS 2 (ROS2) and Nav2 humble, with a buffer overflow in the nav2_amcl process triggered by a crafted YAML file. Public sources describe vulnerable components and the advisory mentions a high-severity impact (NVD metrics show CVSS v3.1: 9.8, network attack vect...
CVE-2024-38920
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggerd via remotely sending a request for change the value of dynamic-parameter/amcl maxbeams...
CVE-2024-37861
Open Robotics ROS2 and Nav2 humble versions are affected by a buffer overflow in the nav2_amcl process triggered by a crafted YAML file. The vulnerability affects the navigation stack component nav2_amcl and can lead to a high-severity impact (C/H/I/A). There is no specific patch/version remediat...
CVE-2024-38910
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a use-after-free in the nav2amcl process. This vulnerability is triggered via sending a request to change dynamic parameters...