Total: 33 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-39835 | 1 Openrobotics | 1 Robot Operating System | 2025-08-26 | N/A | 7.8 HIGH | 
| A code injection vulnerability has been identified in the Robot Operating System (ROS) 'roslaunch' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() method to process user-supplied, unsanitized parameter values within the substitution args mechanism, which roslaunch evaluates before launching a node. This flaw allows attackers to craft and execute arbitrary Python code. | |||||
| CVE-2024-39289 | 1 Openrobotics | 1 Robot Operating System | 2025-08-26 | N/A | 7.8 HIGH | 
| A code execution vulnerability has been discovered in the Robot Operating System (ROS) 'rosparam' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability stems from the use of the eval() function to process unsanitized, user-supplied parameter values via special converters for angle representations in radians. This flaw allowed attackers to craft and execute arbitrary Python code. | |||||
| CVE-2024-41148 | 1 Openrobotics | 1 Robot Operating System | 2025-08-26 | N/A | 7.8 HIGH | 
| A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python expression via the --filter option. This input is passed directly to the eval() function without sanitization, allowing a local user to craft and execute arbitrary code. | |||||
| CVE-2024-41921 | 1 Openrobotics | 1 Robot Operating System | 2025-08-26 | N/A | 7.8 HIGH | 
| A code injection vulnerability has been discovered in the Robot Operating System (ROS) 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'echo' verb, which allows a user to introspect a ROS topic and accepts a user-provided Python expression via the --filter option. This input is passed directly to the eval() function without sanitization, allowing a local user to craft and execute arbitrary code. | |||||
| CVE-2025-3753 | 1 Openrobotics | 1 Robot Operating System | 2025-08-26 | N/A | 7.8 HIGH | 
| A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval() function to process unsanitized, user-supplied input in the 'rosbag filter' command. This flaw enables attackers to craft and execute arbitrary Python code. | |||||
| CVE-2024-39780 | 1 Openrobotics | 1 Robot Operating System | 2025-08-26 | N/A | 7.8 HIGH | 
| A YAML deserialization vulnerability was found in the Robot Operating System (ROS) 'dynparam', a command-line tool for getting, setting, and deleting parameters of a dynamically configurable node, affecting ROS distributions Noetic and earlier. The issue is caused by the use of the yaml.load() function in the 'set' and 'get' verbs, and allows for the creation of arbitrary Python objects. Through this flaw, a local or remote user can craft and execute arbitrary Python code. | |||||
| CVE-2022-48198 | 2 Ntpd Driver Project, Openrobotics | 2 Ntpd Driver, Robot Operating System | 2025-04-11 | N/A | 9.8 CRITICAL | 
| The ntpd_driver component before 1.3.0 and 2.x before 2.2.0 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled time_ref_topic parameter. | |||||
| CVE-2024-25199 | 2 Opennav, Openrobotics | 2 Nav2, Robot Operating System | 2025-04-02 | N/A | 8.1 HIGH | 
| Inappropriate pointer order of map_sub_ and map_free(map_) (amcl_node.cpp) in Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions leads to a use-after-free. | |||||
| CVE-2024-25198 | 2 Opennav, Openrobotics | 2 Nav2, Robot Operating System | 2025-04-02 | N/A | 9.1 CRITICAL | 
| Inappropriate pointer order of laser_scan_filter_.reset() and tf_listener_.reset() (amcl_node.cpp) in Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions leads to a use-after-free. | |||||
| CVE-2024-25197 | 2 Opennav, Openrobotics | 2 Nav2, Robot Operating System | 2025-04-02 | N/A | 6.5 MEDIUM | 
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a NULL pointer dereference via the isCurrent() function at /src/layered_costmap.cpp. | |||||
| CVE-2024-25196 | 2 Opennav, Openrobotics | 2 Nav2, Robot Operating System | 2025-04-02 | N/A | 3.3 LOW | 
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_controller process. This vulnerability is triggered via sending a crafted .yaml file. | |||||
| CVE-2024-30962 | 1 Openrobotics | 1 Robot Operating System | 2025-01-09 | N/A | 7.8 HIGH | 
| Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2_amcl process. | |||||
| CVE-2024-30961 | 1 Openrobotics | 1 Robot Operating System | 2024-12-18 | N/A | 7.8 HIGH | 
| Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the error-thrown mechanism in nav2_bt_navigator. | |||||
| CVE-2024-38921 | 1 Openrobotics | 1 Robot Operating System | 2024-12-17 | N/A | 9.8 CRITICAL | 
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter `/amcl z_rand`. | |||||
| CVE-2024-38922 | 1 Openrobotics | 1 Robot Operating System | 2024-12-17 | N/A | 9.8 CRITICAL | 
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble version was discovered to contain a heap overflow in the nav2_amcl process. This vulnerability is triggered via sending a crafted message to the component /initialpose. | |||||
| CVE-2024-38923 | 1 Openrobotics | 1 Robot Operating System | 2024-12-17 | N/A | 9.8 CRITICAL | 
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter `/amcl odom_frame_id`. | |||||
| CVE-2024-38924 | 1 Openrobotics | 1 Robot Operating System | 2024-12-17 | N/A | 9.8 CRITICAL | 
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter `/amcl laser_model_type`. | |||||
| CVE-2024-38925 | 1 Openrobotics | 1 Robot Operating System | 2024-12-17 | N/A | 9.8 CRITICAL | 
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter `/amcl z_max`. | |||||
| CVE-2024-38926 | 1 Openrobotics | 1 Robot Operating System | 2024-12-17 | N/A | 9.8 CRITICAL | 
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter `/amcl z_short`. | |||||
| CVE-2024-38927 | 1 Openrobotics | 1 Robot Operating System | 2024-12-17 | N/A | 9.8 CRITICAL | 
| Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a use-after-free via the nav2_amcl process. This vulnerability is triggered via remotely sending a request to change the value of dynamic-parameter `/amcl do_beamskip`. | |||||
