CVE-2011-4896
Tor < 0.2.2.24-alpha - Unauthorized Sensitive Information Exposure via Bridge Configuration
Title source: llmDescription
Tor before 0.2.2.24-alpha continues to use a reachable bridge that was previously configured but is not currently configured, which might allow remote attackers to obtain sensitive information about clients in opportunistic circumstances by monitoring network traffic to the bridge port.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
https://blog.torproject.org/blog/tor-02224-alpha-out
Scores
EPSS
0.0159
EPSS Percentile
72.7%
Details
CWE
CWE-200
Status
published
Products (47)
tor/tor
0.0.2
tor/tor
0.0.3
tor/tor
0.0.4
tor/tor
0.0.5
tor/tor
0.0.6
tor/tor
0.0.6.1
tor/tor
0.0.6.2
tor/tor
0.0.7
tor/tor
0.0.7.1
tor/tor
0.0.7.2
... and 37 more
Published
Dec 23, 2011
Tracked Since
Feb 18, 2026