rpm package

opensuse/tor&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/tor&distro=openSUSE%20Tumbleweed

Vulnerabilities (53)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2015-2929		—		< 0.2.8.11-1.1	0.2.8.11-1.1	Jan 24, 2020	The Hidden Service (HS) client implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote servers to cause a denial of service (assertion failure and application exit) via a malformed HS descriptor.
CVE-2015-2928		—		< 0.2.8.11-1.1	0.2.8.11-1.1	Jan 24, 2020	The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors.
CVE-2019-8955		—		< 0.4.6.7-2.2	0.4.6.7-2.2	Feb 21, 2019	In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5.8, and 0.4.x before 0.4.0.2-alpha, remote denial of service against Tor clients and relays can occur via memory exhaustion in the KIST cell scheduler.
CVE-2018-0491		—		< 0.4.6.7-2.2	0.4.6.7-2.2	Mar 5, 2018	A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list.
CVE-2018-0490		—		< 0.4.6.7-2.2	0.4.6.7-2.2	Mar 5, 2018	An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotocol implementation allows remote attackers to cause a denial of service (NULL pointer dereference and directory-authority crash) via
CVE-2016-1254	Hig	7.5		< 0.4.6.7-2.2	0.4.6.7-2.2	Dec 5, 2017	Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.
CVE-2017-8823	Hig	8.1		< 0.4.6.7-2.2	0.4.6.7-2.2	Dec 3, 2017	In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TRO
CVE-2017-8822	Low	3.7		< 0.4.6.7-2.2	0.4.6.7-2.2	Dec 3, 2017	In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017
CVE-2017-8821	Hig	7.5		< 0.4.6.7-2.2	0.4.6.7-2.2	Dec 3, 2017	In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via crafted PEM input that signifies a public key requiring a password, which triggers
CVE-2017-8820	Hig	7.5		< 0.4.6.7-2.2	0.4.6.7-2.2	Dec 3, 2017	In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed descr
CVE-2017-8819	Hig	7.5		< 0.4.6.7-2.2	0.4.6.7-2.2	Dec 3, 2017	In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigg
CVE-2017-0380	Med	5.9		< 0.4.6.7-2.2	0.4.6.7-2.2	Sep 18, 2017	The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x before 0.2.9.12, 0.3.0.x before 0.3.0.11, 0.3.1.x before 0.3.1.7, and 0.3.2.x before 0.3.2.1-alpha, when SafeLogging is disabled, allows attackers to obtain sensitive information by le
CVE-2017-0377	Hig	7.5		< 0.4.6.7-2.2	0.4.6.7-2.2	Jul 2, 2017	Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families.
CVE-2017-0376	Hig	7.5		< 0.4.6.7-2.2	0.4.6.7-2.2	Jun 9, 2017	The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous circuit.
CVE-2017-0375	Hig	7.5		< 0.4.6.7-2.2	0.4.6.7-2.2	Jun 9, 2017	The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell.
CVE-2014-5117		—		< 0.2.8.11-1.1	0.2.8.11-1.1	Jul 30, 2014	Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAY_EARLY cells as a means of c
CVE-2014-0160	Hig	7.5	KEV	< 0.2.8.11-1.1	0.2.8.11-1.1	Apr 7, 2014	The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by re
CVE-2013-7295		—		< 0.2.8.11-1.1	0.2.8.11-1.1	Jan 17, 2014	Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) relay identity keys and (2) hidden-service identity keys, which might make it easier
CVE-2012-5573		—		< 0.2.8.11-1.1	0.2.8.11-1.1	Jan 1, 2013	The connection_edge_process_relay_cell function in or/relay.c in Tor before 0.2.3.25 maintains circuits even if an unexpected SENDME cell arrives, which might allow remote attackers to cause a denial of service (memory consumption or excessive cell reception rate) or bypass inten
CVE-2012-4922		—		< 0.2.8.11-1.1	0.2.8.11-1.1	Sep 14, 2012	The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed directory object, a different vu

CVE-2015-2929Jan 24, 2020
affected < 0.2.8.11-1.1fixed 0.2.8.11-1.1
The Hidden Service (HS) client implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote servers to cause a denial of service (assertion failure and application exit) via a malformed HS descriptor.
CVE-2015-2928Jan 24, 2020
affected < 0.2.8.11-1.1fixed 0.2.8.11-1.1
The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors.
CVE-2019-8955Feb 21, 2019
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5.8, and 0.4.x before 0.4.0.2-alpha, remote denial of service against Tor clients and relays can occur via memory exhaustion in the KIST cell scheduler.
CVE-2018-0491Mar 5, 2018
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list.
CVE-2018-0490Mar 5, 2018
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. The directory-authority protocol-list subprotocol implementation allows remote attackers to cause a denial of service (NULL pointer dereference and directory-authority crash) via
CVE-2016-1254HigDec 5, 2017
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.
CVE-2017-8823HigDec 3, 2017
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, there is a use-after-free in onion service v2 during intro-point expiration because the expiring list is mismanaged in certain error cases, aka TRO
CVE-2017-8822LowDec 3, 2017
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017
CVE-2017-8821HigDec 3, 2017
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, an attacker can cause a denial of service (application hang) via crafted PEM input that signifies a public key requiring a password, which triggers
CVE-2017-8820HigDec 3, 2017
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, remote attackers can cause a denial of service (NULL pointer dereference and application crash) against directory authorities via a malformed descr
CVE-2017-8819HigDec 3, 2017
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, the replay-cache protection mechanism is ineffective for v2 onion services, aka TROVE-2017-009. An attacker can send many INTRODUCE2 cells to trigg
CVE-2017-0380MedSep 18, 2017
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x before 0.2.9.12, 0.3.0.x before 0.3.0.11, 0.3.1.x before 0.3.1.7, and 0.3.2.x before 0.3.2.1-alpha, when SafeLogging is disabled, allows attackers to obtain sensitive information by le
CVE-2017-0377HigJul 2, 2017
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families.
CVE-2017-0376HigJun 9, 2017
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous circuit.
CVE-2017-0375HigJun 9, 2017
affected < 0.4.6.7-2.2fixed 0.4.6.7-2.2
The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell.
CVE-2014-5117Jul 30, 2014
affected < 0.2.8.11-1.1fixed 0.2.8.11-1.1
Tor before 0.2.4.23 and 0.2.5 before 0.2.5.6-alpha maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern of RELAY and RELAY_EARLY cells as a means of c
CVE-2014-0160HigKEVApr 7, 2014
affected < 0.2.8.11-1.1fixed 0.2.8.11-1.1
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by re
CVE-2013-7295Jan 17, 2014
affected < 0.2.8.11-1.1fixed 0.2.8.11-1.1
Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) relay identity keys and (2) hidden-service identity keys, which might make it easier
CVE-2012-5573Jan 1, 2013
affected < 0.2.8.11-1.1fixed 0.2.8.11-1.1
The connection_edge_process_relay_cell function in or/relay.c in Tor before 0.2.3.25 maintains circuits even if an unexpected SENDME cell arrives, which might allow remote attackers to cause a denial of service (memory consumption or excessive cell reception rate) or bypass inten
CVE-2012-4922Sep 14, 2012
affected < 0.2.8.11-1.1fixed 0.2.8.11-1.1
The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed directory object, a different vu

Page 2 of 3