21 matches found
CVE-2026-26011
navigation2 is a ROS 2 Navigation Framework and System. In 1.3.11 and earlier, a critical heap out-of-bounds write vulnerability exists in Nav2 AMCL's particle filter clustering logic. By publishing a single crafted geometrymsgs/PoseWithCovarianceStamped message with extreme covariance values to...
PT-2026-7903
Name of the Vulnerable Software and Affected Versions navigation2 versions prior to 1.3.11 Description navigation2 is a ROS 2 Navigation Framework and System. A heap out-of-bounds write issue exists in Nav2 AMCL’s particle filter clustering logic. An unauthenticated attacker on the same ROS 2 DDS...
CVE-2024-41650
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2costmap2d...
CVE-2024-44855
Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a NULL pointer dereference via the component nav2navfnplanner...
CVE-2024-38927
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter /amcl dobeamskip...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that originates from the nav2amcl process containing post-release reuse. The vulnerability is triggered by remotely sending a request to change the value of lasermodeltype in the dynamic...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that originates from the nav2amcl process containing post-release reuse. The vulnerability is triggered by remotely sending a request to change the value of zrand in the dynamic...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that originates from the nav2amcl process containing post-release reuse. The vulnerability is triggered by remotely sending a request to change the value of zmax in the dynamic...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the component smoothPlan containing a null pointer dereference...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that originates from the nav2amcl process containing post-release reuse. The vulnerability is triggered by remotely sending a request to change the value of odomframeid in a dynamic...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from a heap overflow contained in the nav2amcl process...
Nav2 全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. Nav2 has a security vulnerability that originates from the nav2amcl process containing post-release reuse. The vulnerability is triggered by remotely sending a request to change the value of zshort in the dynamic parameters/amc...
CVE-2024-37861
Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a buffer overflow via the nav2amcl process. This vulnerability is triggered via sending a crafted .yaml file...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2, which stems from an error throwing mechanism that contains a mechanism to execute arbitrary code...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the inclusion of a buffer overflow vulnerability. A local attacker exploiting this vulnerability could execute arbitrary code to the nav2planner process via a crafted .yam...
Nav2 安全漏洞
Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the inclusion of a buffer overflow vulnerability. A local attacker exploiting this vulnerability could execute arbitrary code to the nav2amcl process via a crafted .yaml...
PT-2024-23694 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 navigation2- ROS2-humble and navigation 2-humble Description: The issue allows a local attacker to execute arbitrary code via the initial pose sub thread created by nav2 bt navigator. This is due ...
PT-2024-20808 · Open Robotics · Ros2 +1
Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating Sytstem 2 ROS2 and Nav2 humble versions Description: A buffer overflow issue was discovered in the nav2 controller process, which can be triggered by sending a crafted .yaml file. Recommendations: For Open...
Nav2 Security Vulnerability
Nav2 is a navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from an incorrect pointer order that can lead to reuse after release...
Nav2 Security Vulnerability
Nav2 is a navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the isCurrent function in /src/layeredcostmap.cpp containing a NULL pointer dereference...