Torproject: >> Tor >> 0.4.7.4 Security Vulnerabilities
The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-01-14
Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-07-17
Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. NOTE: Tails is unaffected.
CVSS Score
6.5
EPSS Score
0.029
Published
2017-11-04