CPE-3407C23C-1071-4A5E-BEAF-07799D0F46BD Detail

CPE Details

Torproject Tor 0.4.0.4 Release Candidate

Vendor

torproject

Product

tor

Version

0.4.0.4

Created

2019-06-20
12h32 +00:00

Modified

2019-06-20
12h32 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:torproject:tor:0.4.0.4:rc::::::

Informations

Vendor

torproject

Product

tor

Version

0.4.0.4

Update

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-23589	2023-01-13 23h00 +00:00	The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002.	6.5	Medium
CVE-2021-38385	2021-08-29 22h00 +00:00	Tor before 0.3.5.16, 0.4.5.10, and 0.4.6.7 mishandles the relationship between batch-signature verification and single-signature verification, leading to a remote assertion failure, aka TROVE-2021-007.	7.5	High
CVE-2021-34550	2021-06-29 09h11 +00:00	An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-006. The v3 onion service descriptor parsing allows out-of-bounds memory access, and a client crash, via a crafted onion service descriptor	7.5	High
CVE-2021-34549	2021-06-29 09h08 +00:00	An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently. an attacker can trigger the use of an attacker-chosen circuit ID to cause algorithm inefficiency.	7.5	High
CVE-2021-34548	2021-06-29 09h00 +00:00	An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream.	7.5	High
CVE-2020-8516	2020-02-02 11h52 +00:00	The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6 does not verify that a rendezvous node is known before attempting to connect to it, which might make it easier for remote attackers to discover circuit information. NOTE: The network team of Tor claims this is an intended behavior and not a vulnerability	5.3	Medium
CVE-2017-16541	2017-11-04 17h00 +00:00	Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.	6.5	Medium

Torproject Tor 0.4.0.4 Release Candidate

CPE Details

CPE Name: cpe:2.3:a:torproject:tor:0.4.0.4:rc:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:a:torproject:tor:0.4.0.4:rc::::::