Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2024/05/18 12:30 a.m.17 views

Tor path lengths too short when "full Vanguards" configured

In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 with full vanguards, aka TROVE-2024-004...

7.3CVSS7.1AI score0.00298EPSS
Exploits0References9Affected Software2
OSV
OSV
added 2024/05/18 12:30 a.m.9 views

GHSA-C96H-CXX6-RMG9 Tor path lengths too short when "full Vanguards" configured

In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 with full vanguards, aka TROVE-2024-004...

5.9CVSS6.4AI score0.00298EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/05/17 9:29 p.m.12 views

CVE-2024-35313

In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 with full vanguards, aka TROVE-2024-004...

6.7AI score0.00298EPSS
Exploits0References1
RustSec
RustSec
added 2024/05/15 12:0 p.m.6 views

Tor path lengths too short when "full Vanguards" configured

Description When building anonymizing circuits to or from an onion service with full vanguards enabled, the circuit manager code would build the circuits with one hop too few. Impact This makes users of this code more vulnerable to some kinds of traffic analysis when they run or visit onion...

7.3CVSS7.2AI score0.00298EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/05/15 12:0 p.m.6 views

Tor path lengths too short when "Vanguards lite" configured

Description When building anonymizing circuits to or from an onion service with 'lite' vanguards the default enabled, the circuit manager code would build the circuits with one hop too few. Impact This makes users of this code more vulnerable to some kinds of traffic analysis when they run or vis...

7.3CVSS7.2AI score0.00298EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/15 12:0 a.m.2 views

PT-2024-26429 · Tor · Tor Arti +1

Name of the Vulnerable Software and Affected Versions: Tor Arti versions prior to 1.2.3 Description: The issue arises when building anonymizing circuits to or from an onion service with 'lite' or 'full' vanguards enabled, where the circuit manager code builds the circuits with one hop too few. Th...

7.3CVSS7.4AI score0.00298EPSS
Exploits0References22
Rows per page
Query Builder