Vulnerabilities > Tuxfamily
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-24 | CVE-2020-14367 | Link Following vulnerability in multiple products A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. | 6.0 |
2019-12-09 | CVE-2015-1853 | Unspecified vulnerability in Tuxfamily Chrony chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in crafted NTP data packets. | 6.5 |
2016-01-26 | CVE-2016-1567 | 7PK - Security Features vulnerability in Tuxfamily Chrony chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key." | 8.1 |