CVE-2022-33903TOR vulnerability

5 documents5 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 39.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Torproject TOR
Timeline
PublishedJul 17
Latest updateJul 18

Description

Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDtorproject/tor0.4.7.10.4.7.8
Debiantorproject/tor< 0.4.7.8-1+2

Patches

Patch: lists.torproject.orgPatch: lists.torproject.org

🔴Vulnerability Details

3
GHSA
GHSA-g7xf-5c64-42cx: Tor 02022-07-18
CVEList
CVE-2022-33903: Tor 02022-07-17
OSV
CVE-2022-33903: Tor 02022-07-17

📋Vendor Advisories

1
Debian
CVE-2022-33903: tor - Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT est...2022
CVE-2022-33903 — Torproject TOR vulnerability | cvebase