Vulnerabilities > Corosync > Corosync > 2.4.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-22 | CVE-2025-30472 | Out-of-bounds Write vulnerability in Corosync Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. | 9.8 |
| 2018-04-12 | CVE-2018-1084 | corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c. | 7.5 |