Unrated severityNVD Advisory· Published Mar 19, 2021· Updated Aug 3, 2024
CVE-2021-28089
CVE-2021-28089
Description
Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001.
Affected products
4- The Tor Project/Tordescription
- osv-coords3 versionspkg:rpm/opensuse/tor&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/tor&distro=openSUSE%20Tumbleweedpkg:rpm/suse/tor&distro=SUSE%20Package%20Hub%2015%20SP2
< 0.4.5.7-lp152.2.9.1+ 2 more
- (no CPE)range: < 0.4.5.7-lp152.2.9.1
- (no CPE)range: < 0.4.6.7-2.2
- (no CPE)range: < 0.4.5.7-bp152.2.9.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HPDXB2GZHG3VNOTWSXQ3QZVHNV76WCU5/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202107-25mitrevendor-advisoryx_refsource_GENTOO
- blog.torproject.org/node/2009mitrex_refsource_CONFIRM
- gitlab.torproject.org/tpo/core/tor/-/issues/40304mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.