vulnerability
FreeBSD: VID-f393b5a7-1535-11ef-8064-c5610a6efffb (CVE-2024-35313): Arti -- Security issues related to circuit construction
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | May 18, 2024 | May 18, 2024 | Dec 10, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
May 18, 2024
Added
May 18, 2024
Modified
Dec 10, 2025
Description
Tor Project reports: When building anonymizing circuits to or from an onion service with 'lite' vanguards (the default) enabled, the circuit manager code would build the circuits with one hop too few. When 'full' vanguards are enabled, some circuits are supposed to be built with an extra hop to minimize the linkability of the guard nodes. In some circumstances, the circuit manager would build circuits with one hop too few, making it easier for an adversary to discover the L2 and L3 guards of the affected clients and services.
Solution
freebsd-upgrade-package-arti
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.