Tor Security Vulnerabilities and Issues — Tor CVE List

Lucene search

TorprojectTor

3 matches found

CVE•added 2018/06/11 9:29 p.m.•566 views

CVE-2016-9079

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird

7.5CVSS7.2AI score0.84964EPSS

CVE•added 2018/03/05 3:29 p.m.•88 views

CVE-2018-0490

An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotocol implementation allows remote attackers to cause a denial of service (NULL pointer dereference and directory-authority crash) via a misformatted rel...

7.5CVSS7.1AI score0.01035EPSS

CVE•added 2018/03/05 3:29 p.m.•86 views

CVE-2018-0491

A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list.

7.5CVSS7.2AI score0.08038EPSS