CVE Vulnerabilities

CVE-2020-10592

Published: Mar 23, 2020 | Modified: Jan 01, 2022
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu
LOW

Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002.

Affected Software

Name Vendor Start Version End Version
Tor Torproject 0.3.5 (including) 0.3.5.10 (excluding)
Tor Torproject 0.4.1.0 (excluding) 0.4.1.9 (excluding)
Tor Torproject 0.4.2.0 (excluding) 0.4.2.7 (including)
Tor Ubuntu eoan *
Tor Ubuntu trusty *
Tor Ubuntu upstream *
Tor Ubuntu xenial *

References