Openrobotics

Robot Operating System

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2025-3753

  • EPSS 0.02%
  • Veröffentlicht 17.07.2025 19:14:20
  • Zuletzt bearbeitet 26.08.2025 17:51:21

A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() function to process unsanitized, user-s...

7.8

CVE-2024-41921

  • EPSS 0.02%
  • Veröffentlicht 17.07.2025 19:13:34
  • Zuletzt bearbeitet 26.08.2025 17:51:29

A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'echo' verb, which allows a user to introspect...

7.8

CVE-2024-41148

  • EPSS 0.02%
  • Veröffentlicht 17.07.2025 19:12:54
  • Zuletzt bearbeitet 26.08.2025 17:51:37

A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate o...

7.8

CVE-2024-39835

  • EPSS 0.02%
  • Veröffentlicht 17.07.2025 19:12:08
  • Zuletzt bearbeitet 26.08.2025 17:51:58

A code injection vulnerability has been identified in the Robot Operating System (ROS) 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() method to process user-...

7.8

CVE-2024-39289

  • EPSS 0.02%
  • Veröffentlicht 17.07.2025 19:11:07
  • Zuletzt bearbeitet 26.08.2025 17:51:50

A code execution vulnerability has been discovered in the Robot Operating System (ROS) 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability stems from the use of the eval() function to process unsanitized, user-...

9.8

CVE-2024-39780

  • EPSS 0.74%
  • Veröffentlicht 02.04.2025 08:15:13
  • Zuletzt bearbeitet 26.08.2025 16:36:48

A YAML deserialization vulnerability was found in the Robot Operating System (ROS) 'dynparam', a command-line tool for getting, setting, and deleting parameters of a dynamically configurable node, affecting ROS distributions Noetic and earlier. The i...

3.3

CVE-2024-25196

Exploit
  • EPSS 0.06%
  • Veröffentlicht 20.02.2024 14:15:09
  • Zuletzt bearbeitet 02.04.2025 20:15:41

Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_controller process. This vulnerability is triggerd via sending a crafted .yaml file.

6.5

CVE-2024-25197

Exploit
  • EPSS 0.17%
  • Veröffentlicht 20.02.2024 14:15:09
  • Zuletzt bearbeitet 02.04.2025 20:15:52

Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions were discovered to contain a NULL pointer dereference via the isCurrent() function at /src/layered_costmap.cpp.

9.1

CVE-2024-25198

Exploit
  • EPSS 0.07%
  • Veröffentlicht 20.02.2024 14:15:09
  • Zuletzt bearbeitet 02.04.2025 20:16:45

Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free.

8.1

CVE-2024-25199

Exploit
  • EPSS 0.07%
  • Veröffentlicht 20.02.2024 14:15:09
  • Zuletzt bearbeitet 02.04.2025 20:16:54

Inappropriate pointer order of map_sub_ and map_free(map_) (amcl_node.cpp) in Open Robotics Robotic Operating Sytstem 2 (ROS2) and Nav2 humble versions leads to a use-after-free.