Totd ProjectCVEs & Vulnerabilities
2 CVEs affecting Totd Project products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
totd 2
CVE-2022-34294CRITICAL
totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks.
15 Aug 2022
9.8
CVSS
CVE-2022-34295MEDIUM
totd before 1.5.3 does not properly randomize mesg IDs.
23 Jun 2022
6.5
CVSS
← PrevPage 1 / 1Next →