|Created||Tue Dec 5 20:07:11 2017|
|CVE-2017-8823||High||Yes||Arbitrary code execution||
A use-after-free vulnerability has been found in Tor before 0.3.1.9, leading to a crash of v2 Tor onion services when they failed to open circuits while...
In Tor before 0.3.1.9, relays (that have incompletely downloaded descriptors) can pick themselves in a circuit path, leading to a degradation of anonymity,...
|CVE-2017-8820||Medium||Yes||Denial of service||
A denial of service issue where an attacker could crash a directory authority using a malformed router descriptor has been found in Tor before 0.3.1.9.
An issue has been found in the way Tor before 0.3.1.9 checked for replays, leading to a possible traffic confirmation attack.
|16 Dec 2017||ASA-201712-10||tor||multiple issues|