CVE-2015-2928
published 2020-01-24CVE-2015-2928: The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | tor | < tor 0.2.5.12-1 (bookworm) | tor 0.2.5.12-1 (bookworm) |
| the_tor_project | tor | — | — |
| the_tor_project | tor | — | — |
| the_tor_project | tor | — | — |
| torproject | tor | < 0.2.4.27 | 0.2.4.27 |
| torproject | tor | >= 0 < 0.2.5.12-1 | 0.2.5.12-1 |
| torproject | tor | >= 0 < 0.2.5.12-1 | 0.2.5.12-1 |
| torproject | tor | >= 0 < 0.2.5.12-1 | 0.2.5.12-1 |
| torproject | tor | >= 0 < 0.2.5.12-1 | 0.2.5.12-1 |
| torproject | tor | >= 0.2.5.1 < 0.2.5.12 | 0.2.5.12 |
| torproject | tor | >= 0.2.6.1 < 0.2.6.7 | 0.2.6.7 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH