Denial of Service Vulnerability in Tor Software
CVE-2020-10592

7.5HIGH

Key Information:

Vendor: Torproject
Status: Tor
Vendor: CVE Published:; 23 March 2020

🔔 Create Torproject Vulnerability Alert

What is CVE-2020-10592?

A vulnerability in the Tor software allows remote attackers to exploit specific versions and cause Denial of Service by consuming excessive CPU resources. This could lead to reduced performance and availability, impacting user experience. It is essential for users to update to the latest versions to mitigate this risk.

References

https://trac.torproject.org/projects/tor/ticket/33120

x_refsource_MISC

https://security.gentoo.org/glsa/202003-50

vendor-advisoryx_refsource_GENTOO

http://lists.opensuse.org/opensuse-security-announce/2020...

vendor-advisoryx_refsource_SUSE

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 23, 2020
Vulnerability Reserved
Mar 15, 2020

CVE-2020-10592 Data

.