CVE-2021-28090 - log back

CVE-2021-28090 edited at 16 Mar 2021 18:26:18
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ A security issue was found in Tor before versions 0.4.5.7, 0.4.4.8 and 0.3.5.14. A bug in appending detached signatures to a pending consensus document could be used to crash a directory authority.
References
+ https://blog.torproject.org/node/2009
+ https://gitlab.torproject.org/tpo/core/tor/-/issues/40316
+ https://gitlab.torproject.org/tpo/core/tor/-/commit/890ae4fb1adfa13e37aaf5261e089e8c195a75cf
Notes
CVE-2021-28090 created at 16 Mar 2021 18:18:13