14 matches found
EUVD-2024-1535
Malicious code in bioql PyPI...
GHSA-C96H-CXX6-RMG9 Tor path lengths too short when "full Vanguards" configured
In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 with full vanguards, aka TROVE-2024-004...
Tor path lengths too short when "full Vanguards" configured
In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 with full vanguards, aka TROVE-2024-004...
CVE-2024-35313
In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 with full vanguards, aka TROVE-2024-004...
CVE-2024-35313
CVE-2024-35313 affects Tor Arti prior to 1.2.3, where circuits may incorrectly have a length of 3 when full vanguards are used (aka TROVE-2024-004). The vulnerability is documented with CVSS v3.1 base score 7.3 (Network, High, Privileges=None, User Interaction=None; Confidentiality/Integrity/Avai...
CVE-2024-35312
In Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 with lite vanguards, aka TROVE-2024-003...
RUSTSEC-2024-0340 Tor path lengths too short when "full Vanguards" configured
Description When building anonymizing circuits to or from an onion service with full vanguards enabled, the circuit manager code would build the circuits with one hop too few. Impact This makes users of this code more vulnerable to some kinds of traffic analysis when they run or visit onion...
RUSTSEC-2024-0339 Tor path lengths too short when "Vanguards lite" configured
Description When building anonymizing circuits to or from an onion service with 'lite' vanguards the default enabled, the circuit manager code would build the circuits with one hop too few. Impact This makes users of this code more vulnerable to some kinds of traffic analysis when they run or vis...
Tor path lengths too short when "full Vanguards" configured
Description When building anonymizing circuits to or from an onion service with full vanguards enabled, the circuit manager code would build the circuits with one hop too few. Impact This makes users of this code more vulnerable to some kinds of traffic analysis when they run or visit onion...
Tor path lengths too short when "Vanguards lite" configured
Description When building anonymizing circuits to or from an onion service with 'lite' vanguards the default enabled, the circuit manager code would build the circuits with one hop too few. Impact This makes users of this code more vulnerable to some kinds of traffic analysis when they run or vis...
PT-2024-26429 · Tor · Tor Arti +1
Name of the Vulnerable Software and Affected Versions: Tor Arti versions prior to 1.2.3 Description: The issue arises when building anonymizing circuits to or from an onion service with 'lite' or 'full' vanguards enabled, where the circuit manager code builds the circuits with one hop too few. Th...
Arti -- Security issues related to circuit construction
Tor Project reports: When building anonymizing circuits to or from an onion service with 'lite' vanguards the default enabled, the circuit manager code would build the circuits with one hop too few. When 'full' vanguards are enabled, some circuits are supposed to be built with an extra hop to...
openSUSE: Security Advisory for tor (openSUSE-SU-2023:0361-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2023:0361-1 Security update for tor
This update for tor fixes the following issues: - tor 0.4.8.8: Mitigate an issue when Tor compiled with OpenSSL can crash during handshake with a remote relay. TROVE-2023-004, boo1216873 Regenerate fallback directories generated on November 03, 2023. Update the geoip files to match the IPFire...