CNNVD-202509-2863 Information
CNNVD ID
CNNVD-202509-2863
Related CVE
- CNNVD Published: 2025-09-18
Description (Chinese)
Tor是Tor Project组织的一个虚拟隧道网络。允许个人和团体提高他们在 Internet 上的隐私和安全性。 Tor 0.4.7.16及之前版本和0.4.8.17及之前版本存在安全漏洞,该漏洞源于Onion Service Descriptor Handler组件存在资源消耗问题。
Description (English)
Tor is a virtual tunnel network organized by Tor Project. Allowing individuals and groups to increase their privacy and security on the Internet. Tor 0.4.7.16 and previous versions and 0.4.8.17 and previous versions contain a security loophole, which is the result of resource consumption problems for the One Service Defense Handler component.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
Totara
Published
2025-09-18
Last Modified
2026-02-24
References
https://forum.torproject.org/t/alpha-and-stable-release-0-4-8-18-and-0-4-9-3-alpha/20578 https://github.com/chunmianwang/Tordos https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.8/ReleaseNotes https://vuldb.com/?ctiid.324814 https://vuldb.com/?id.324814 https://vuldb.com/?submit.640605 https://access.redhat.com/security/cve/cve-2025-4444
Patch
https://www.torproject.org/download/tor/
Share on: