CVE-2017-0377

Summary

Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay (not the exit relay's family), which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families.

Affected Software

VendorProductVersion RangeStatus
n/aTorToraffected

Weaknesses

  • privacy bypass

ADP Enrichment

CVE Program Container

Additional References

References