Описание
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 0.3.0.13-0ubuntu1~17.10.2 |
| bionic | not-affected | 0.3.1.9-1 |
| cosmic | not-affected | 0.3.1.9-1 |
| devel | not-affected | 0.3.1.9-1 |
| esm-apps/bionic | not-affected | 0.3.1.9-1 |
| esm-apps/xenial | released | 0.2.9.14-1ubuntu1~16.04.2 |
| esm-infra-legacy/trusty | released | 0.2.4.27-1ubuntu0.1 |
| precise/esm | DNE | |
| trusty | released | 0.2.4.27-1ubuntu0.1 |
| trusty/esm | released | 0.2.4.27-1ubuntu0.1 |
Показывать по
4.3 Medium
CVSS2
3.7 Low
CVSS3
Связанные уязвимости
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012.
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 bef ...
In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 before 0.2.9.14, 0.3.0 before 0.3.0.13, and 0.3.1 before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity, aka TROVE-2017-012.
4.3 Medium
CVSS2
3.7 Low
CVSS3