Vulnerabilities > Toktok > Toxcore > 0.2.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-13 | CVE-2018-25021 | Improper Resource Shutdown or Release vulnerability in Toktok Toxcore The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows a remote attacker to exhaust the system's memory, causing a denial of service (DoS). | 5.0 |
| 2021-12-13 | CVE-2021-44847 | Incorrect Calculation vulnerability in multiple products A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet. | 9.8 |