Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.
Thank you for your detailed overview regarding the CVEs attributed to our
research on ROS/ROS 2 We appreciate the scrutiny and understand the
concerns raised by you and other parties
I want to clarify that our findings are based on extensive tests conducted
in real-world scenarios within controlled laboratory settings, where actual
robots were s ...
Thank you for the guidance I will review the disclosure policy outlined in
REP-2006 and prepare a detailed report with proof of concepts I also plan
to reach out to the upstream team for further advice and will share the
manuscript with them as suggested
*Yash Patel*
PhD Research Scholar
National Forensic Sciences University
Ministry of Home ...
Many thanks to Florencia Cabral Berenfus for her analysis of these claims!
Mark Esler
[0] dlacmorg/doi/abs/101145/35739103573912
[1] githubcom/yashpatelphd/CVE-2024-30737/issues/1
[3] githubcom/yashpatelphd/CVE-2023-33565
[5] githubcom/yashpatelphd/CVE-2024-30737 ...
Unauthorized Information Access Vulnerability in ROS Kinetic Kame
CVE ID
CVE-2024-30724
Title
Unauthorized Information Access Vulnerability in ROS Kinetic Kame
Vulnerability Type
Unauthorized Information Access
Severity
TBD
Vendor
The Open Source Robotics Foundation (OSRF)
Products Affected
ROS Kinetic Kame (ROS_VERSION=1 and ROS_PYTHON_VERSION=3)
Description
An unauthorized access vulnerability has been discovered in ROS Kinetic Kame version