Low severity3.7NVD Advisory· Published Dec 3, 2017· Updated Jun 17, 2026
CVE-2017-8822
CVE-2017-8822
Description
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords2 versions
< 0.4.6.7-2.2+ 1 more
- (no CPE)range: < 0.4.6.7-2.2
- (no CPE)range: < 0.3.1.9-8.1
Patches
Vulnerability mechanics
References
4- blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516nvdVendor Advisory
- bugs.torproject.org/21534nvdIssue TrackingVendor Advisory
- bugs.torproject.org/24333nvdVendor Advisory
- www.debian.org/security/2017/dsa-4054nvdThird Party Advisory
News mentions
0No linked articles in our index yet.