Tor prior to 0.4.3.6 has an out-of-bounds memory access that allows a remote denial-of-service (crash) attack against Tor instances built to use Mozilla Network Security Services (NSS), aka TROVE-2020-001.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
torproject tor |
||
torproject tor 0.4.4.0 |
||
torproject tor 0.4.4.1 |