Vulnerabilities > Openrobotics > Robot Operating System > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-06 | CVE-2024-44852 | Release of Invalid Pointer or Reference vulnerability in Openrobotics Robot Operating System 2 Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble was discovered to contain a segmentation violation via the component theta_star::ThetaStar::isUnsafeToPlan(). | 9.8 |
| 2024-12-06 | CVE-2024-41650 | Improper Preservation of Permissions vulnerability in Openrobotics Robot Operating System 2 Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_costmap_2d. | 9.8 |
| 2024-12-06 | CVE-2024-41649 | Improper Preservation of Permissions vulnerability in Openrobotics Robot Operating System 2 Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executor_thread_. | 9.8 |
| 2024-12-06 | CVE-2024-41648 | Improper Preservation of Permissions vulnerability in Openrobotics Robot Operating System 2 Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_regulated_pure_pursuit_controller. | 9.8 |
| 2024-12-06 | CVE-2024-41647 | Unspecified vulnerability in Openrobotics Robot Operating System 2 Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_mppi_controller. | 9.8 |
| 2024-12-06 | CVE-2024-41646 | Improper Preservation of Permissions vulnerability in Openrobotics Robot Operating System 2 Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_dwb_controller. | 9.8 |
| 2024-12-06 | CVE-2024-41645 | Improper Preservation of Permissions vulnerability in Openrobotics Robot Operating System 2 Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2__amcl. | 9.8 |
| 2024-12-06 | CVE-2024-41644 | Improper Preservation of Permissions vulnerability in Openrobotics Robot Operating System 2 Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via the dyn_param_handler_ component. | 9.8 |
| 2024-12-06 | CVE-2024-38927 | Use After Free vulnerability in Openrobotics Robot Operating System 2 Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. | 9.8 |
| 2024-12-06 | CVE-2024-38926 | Use After Free vulnerability in Openrobotics Robot Operating System 2 Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. | 9.8 |