CVE-2016-3180
Published
CVSS v3
N/A
CVSS v2
6.8
MEDIUM
Affected
1
PROJECT
Description
Tor Browser Launcher (aka torbrowser-launcher) before 0.2.4, during the initial run, allows man-in-the-middle attackers to bypass the PGP signature verification and execute arbitrary code via a Trojan horse tar file and a signature file with the valid tarball and signature.
Securely and easily download, verify, install, and launch Tor Browser in Linux. This repository is a mirror of https://gitlab.torproject.org/tpo/applications/torbrowser-launcher
GitHub