Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Totd
(Totd_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-06-23 | CVE-2022-34295 | totd before 1.5.3 does not properly randomize mesg IDs. | Totd | 6.5 | ||
| 2022-08-15 | CVE-2022-34294 | totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks. | Totd | 9.8 |