Vulnerabilities > Torproject

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-14	CVE-2023-23589	The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. network low complexity torproject debian fedoraproject	6.5
2022-07-17	CVE-2022-33903	Unspecified vulnerability in Torproject TOR Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation. network low complexity torproject	7.5
2022-02-26	CVE-2021-46702	Improper Resource Shutdown or Release vulnerability in Torproject TOR 9.0.7 Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. local low complexity torproject CWE-404	2.1
2021-09-24	CVE-2021-39246	Information Exposure Through Log Files vulnerability in Torproject TOR Browser Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. local low complexity torproject CWE-532	3.6
2021-08-30	CVE-2021-38385	Reachable Assertion vulnerability in Torproject TOR Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007. network low complexity torproject CWE-617	7.5
2021-06-29	CVE-2021-34549	Resource Exhaustion vulnerability in Torproject TOR An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. network low complexity torproject CWE-400	5.0
2021-06-29	CVE-2021-34550	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Torproject TOR An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-006. network low complexity torproject CWE-119	5.0
2021-06-29	CVE-2021-34548	Authentication Bypass by Spoofing vulnerability in Torproject TOR An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. network low complexity torproject CWE-290	7.5
2021-03-19	CVE-2021-28090	Reachable Assertion vulnerability in multiple products Tor before 0.4.5.7 allows a remote attacker to cause Tor directory authorities to exit with an assertion failure, aka TROVE-2021-002. network low complexity torproject fedoraproject CWE-617	5.3
2021-03-19	CVE-2021-28089	Resource Exhaustion vulnerability in multiple products Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001. network low complexity torproject fedoraproject CWE-400	7.5

Vulnerabilities > Torproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Torproject"}]}

Vulnerabilities > Torproject