Nav2 Security Vulnerabilities and Issues — Nav2 CVE List

Lucene search

OpennavNav2

4 matches found

CVE•added 2024/02/20 2:15 p.m.•6038 views

CVE-2024-25197

Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a NULL pointer dereference via the isCurrent() function at /src/layered_costmap.cpp.

6.5CVSS7.2AI score0.00166EPSS

CVE•added 2024/02/20 2:15 p.m.•4589 views

CVE-2024-25199

Inappropriate pointer order of map_sub_ and map_free(map_) (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free.

8.1CVSS6.7AI score0.00071EPSS

CVE•added 2024/02/20 2:15 p.m.•4252 views

CVE-2024-25196

Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_controller process. This vulnerability is triggerd via sending a crafted .yaml file.

3.3CVSS7.6AI score0.00058EPSS

CVE•added 2024/02/20 2:15 p.m.•3898 views

CVE-2024-25198

Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free.

9.1CVSS6.7AI score0.00074EPSS