Aggregates CVE and security vulnerability intelligence across all redox-os-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk memory corruption and related problems; some flaws may lead to vendor impact application crash and vendor impact memory corruption.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-46158 | An issue in redoxOS kernel before commit 5d41cd7c allows a local attacker to cause a denial of service via the `setitimer` syscall | [email protected] | 6.2 | 0.19% | 2025-06-20 | 2025-10-21 |
| CVE-2024-57493 | An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the setsockopt function. | [email protected] | 5.5 | 0.17% | 2025-04-18 | 2025-06-25 |
| CVE-2024-57492 | An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the round_up_to_page funciton. | [email protected] | 5.5 | 0.18% | 2025-03-10 | 2025-03-24 |
| CVE-2020-22429 | redox-os v0.1.0 was discovered to contain a use-after-free bug via the gethostbyaddr() function at /src/header/netdb/mod.rs. | [email protected] | 7.8 | 0.25% | 2023-05-03 | 2025-01-30 |