Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tokio tokio vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2021-38191
An issue exists in the tokio crate prior to 1.8.1 for Rust. Upon a JoinHandle::abort, a Task may be dropped in the wrong thread.
Tokio Tokio
Tokio Tokio 1.8.0
8.1
CVSSv3
CVE-2021-45710
An issue exists in the tokio crate prior to 1.8.4, and 1.9.x up to and including 1.13.x prior to 1.13.1, for Rust. In certain circumstances involving a closed oneshot channel, there is a data race and memory corruption.
Tokio Tokio
5.4
CVSSv3
CVE-2023-22466
Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously ...
Tokio Tokio
7.5
CVSSv3
CVE-2020-35875
An issue exists in the tokio-rustls crate prior to 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly.
Tokio Tokio-rustls
NA
CVE-2024-27308
Mio is a Metal I/O library for Rust. When using named pipes on Windows, mio will under some circumstances return invalid tokens that correspond to named pipes that have already been deregistered from the mio registry. The impact of this vulnerability depends on how mio is used. F...
5.3
CVSSv3
CVE-2023-6180
The tokio-boring library in version 4.0.0 is affected by a memory leak issue that can lead to excessive resource consumption and potential DoS by resource exhaustion. The set_ex_data function used by the library did not deallocate memory used by pre-existing data in memory each t...
Cloudflare Boring 4.0.0
7.5
CVSSv3
CVE-2022-35922
Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. In versions before 0.26.5 untrusted websocket connections can cause an out-of-memory (OOM) process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allo...
Rust-websocket Project Rust-websocket
Fedoraproject Fedora 35
Fedoraproject Fedora 36
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started