{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103032?format=json","vulnerability_id":"VCID-542d-815e-83cw","summary":"routerlist.c in Tor before 0.2.2.38 uses a different amount of time for relay-list iteration depending on which relay is chosen, which might allow remote attackers to obtain sensitive information about relay selection via a timing side-channel attack.","aliases":[{"alias":"CVE-2012-3519"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132808?format=json","purl":"pkg:deb/debian/tor@0.2.3.20-rc-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tor@0.2.3.20-rc-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/4189?format=json","purl":"pkg:deb/debian/tor@0.2.4.27-1~deb6u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-33xt-scs6-wkbd"},{"vulnerability":"VCID-4q38-q6jc-cubm"},{"vulnerability":"VCID-5779-f3bx-zugc"},{"vulnerability":"VCID-6cne-tp6s-1ueg"},{"vulnerability":"VCID-7gv7-bx89-5yft"},{"vulnerability":"VCID-aftp-jtpf-tqdv"},{"vulnerability":"VCID-aqvf-4rpu-hqcn"},{"vulnerability":"VCID-at9y-3mzk-gyc4"},{"vulnerability":"VCID-cnd5-m5xd-w7g4"},{"vulnerability":"VCID-dqnh-ncbc-4fcr"},{"vulnerability":"VCID-dx9m-m9ua-8kd1"},{"vulnerability":"VCID-ete4-gpxd-wbe5"},{"vulnerability":"VCID-faqc-7efp-sqgc"},{"vulnerability":"VCID-gcmp-p8bd-v7ay"},{"vulnerability":"VCID-h3uy-5hxy-xfej"},{"vulnerability":"VCID-jp94-5azy-5fhs"},{"vulnerability":"VCID-m4n1-35pk-ubbd"},{"vulnerability":"VCID-n88a-g5u5-ffhp"},{"vulnerability":"VCID-n9f6-wsep-vbgw"},{"vulnerability":"VCID-nqan-7f1r-q7d5"},{"vulnerability":"VCID-p1bj-jq7j-dbe8"},{"vulnerability":"VCID-p251-q8c6-q7am"},{"vulnerability":"VCID-q78a-242x-sua7"},{"vulnerability":"VCID-rz36-7x1c-bket"},{"vulnerability":"VCID-sxr6-fa71-97gs"},{"vulnerability":"VCID-t1jj-fxxa-1qc1"},{"vulnerability":"VCID-vdcw-7wrk-xqcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tor@0.2.4.27-1~deb6u1"},{"url":"http://public2.vulnerablecode.io/api/packages/132750?format=json","purl":"pkg:deb/debian/tor@0.4.5.16-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bsdr-v8rg-3bhj"},{"vulnerability":"VCID-fh9m-2jrz-ukb8"},{"vulnerability":"VCID-h6ru-mr4z-tfe8"},{"vulnerability":"VCID-m6nt-a1ew-3ygp"},{"vulnerability":"VCID-rgyz-gf7b-y3ap"},{"vulnerability":"VCID-ujxu-g8sn-mqac"},{"vulnerability":"VCID-yhw9-kfub-67gx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tor@0.4.5.16-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132748?format=json","purl":"pkg:deb/debian/tor@0.4.9.8-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tor@0.4.9.8-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132752?format=json","purl":"pkg:deb/debian/tor@0.4.9.8-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tor@0.4.9.8-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132751?format=json","purl":"pkg:deb/debian/tor@0.4.9.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tor@0.4.9.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/190610?format=json","purl":"pkg:ebuild/net-misc/tor@0.2.3.25","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/tor@0.2.3.25"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4187?format=json","purl":"pkg:deb/debian/tor@0.2.1.32-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1a49-kg7b-3qdf"},{"vulnerability":"VCID-33xt-scs6-wkbd"},{"vulnerability":"VCID-4fgb-bku5-gfbk"},{"vulnerability":"VCID-4q38-q6jc-cubm"},{"vulnerability":"VCID-542d-815e-83cw"},{"vulnerability":"VCID-5779-f3bx-zugc"},{"vulnerability":"VCID-57fw-642r-fugv"},{"vulnerability":"VCID-6cne-tp6s-1ueg"},{"vulnerability":"VCID-6kuk-qrgj-r3g3"},{"vulnerability":"VCID-7gv7-bx89-5yft"},{"vulnerability":"VCID-7tbb-4km1-qqbj"},{"vulnerability":"VCID-8w3j-h4ax-wbes"},{"vulnerability":"VCID-93ex-pxm8-c3dh"},{"vulnerability":"VCID-aftp-jtpf-tqdv"},{"vulnerability":"VCID-aqvf-4rpu-hqcn"},{"vulnerability":"VCID-at9y-3mzk-gyc4"},{"vulnerability":"VCID-byue-hp6z-j3b3"},{"vulnerability":"VCID-cnd5-m5xd-w7g4"},{"vulnerability":"VCID-dqnh-ncbc-4fcr"},{"vulnerability":"VCID-dx9m-m9ua-8kd1"},{"vulnerability":"VCID-ete4-gpxd-wbe5"},{"vulnerability":"VCID-faqc-7efp-sqgc"},{"vulnerability":"VCID-fr2j-w22v-bkef"},{"vulnerability":"VCID-fsjw-tkjy-2bc5"},{"vulnerability":"VCID-gcmp-p8bd-v7ay"},{"vulnerability":"VCID-h3uy-5hxy-xfej"},{"vulnerability":"VCID-jp94-5azy-5fhs"},{"vulnerability":"VCID-m4n1-35pk-ubbd"},{"vulnerability":"VCID-n88a-g5u5-ffhp"},{"vulnerability":"VCID-n9f6-wsep-vbgw"},{"vulnerability":"VCID-nbfj-84k1-8beb"},{"vulnerability":"VCID-nqan-7f1r-q7d5"},{"vulnerability":"VCID-p1bj-jq7j-dbe8"},{"vulnerability":"VCID-p251-q8c6-q7am"},{"vulnerability":"VCID-p4p5-rdpu-jbd8"},{"vulnerability":"VCID-pky6-xd82-eyfr"},{"vulnerability":"VCID-q78a-242x-sua7"},{"vulnerability":"VCID-rz36-7x1c-bket"},{"vulnerability":"VCID-sxr6-fa71-97gs"},{"vulnerability":"VCID-t1jj-fxxa-1qc1"},{"vulnerability":"VCID-udhd-p57h-t7er"},{"vulnerability":"VCID-vdcw-7wrk-xqcx"},{"vulnerability":"VCID-vfxh-33r2-cfa8"},{"vulnerability":"VCID-xz2b-ed61-d7hx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tor@0.2.1.32-1"},{"url":"http://public2.vulnerablecode.io/api/packages/4188?format=json","purl":"pkg:deb/debian/tor@0.2.2.39-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-33xt-scs6-wkbd"},{"vulnerability":"VCID-4q38-q6jc-cubm"},{"vulnerability":"VCID-542d-815e-83cw"},{"vulnerability":"VCID-5779-f3bx-zugc"},{"vulnerability":"VCID-57fw-642r-fugv"},{"vulnerability":"VCID-6cne-tp6s-1ueg"},{"vulnerability":"VCID-7gv7-bx89-5yft"},{"vulnerability":"VCID-7tbb-4km1-qqbj"},{"vulnerability":"VCID-8w3j-h4ax-wbes"},{"vulnerability":"VCID-aftp-jtpf-tqdv"},{"vulnerability":"VCID-aqvf-4rpu-hqcn"},{"vulnerability":"VCID-at9y-3mzk-gyc4"},{"vulnerability":"VCID-cnd5-m5xd-w7g4"},{"vulnerability":"VCID-dqnh-ncbc-4fcr"},{"vulnerability":"VCID-dx9m-m9ua-8kd1"},{"vulnerability":"VCID-ete4-gpxd-wbe5"},{"vulnerability":"VCID-faqc-7efp-sqgc"},{"vulnerability":"VCID-fsjw-tkjy-2bc5"},{"vulnerability":"VCID-gcmp-p8bd-v7ay"},{"vulnerability":"VCID-h3uy-5hxy-xfej"},{"vulnerability":"VCID-jp94-5azy-5fhs"},{"vulnerability":"VCID-m4n1-35pk-ubbd"},{"vulnerability":"VCID-n88a-g5u5-ffhp"},{"vulnerability":"VCID-n9f6-wsep-vbgw"},{"vulnerability":"VCID-nbfj-84k1-8beb"},{"vulnerability":"VCID-nqan-7f1r-q7d5"},{"vulnerability":"VCID-p1bj-jq7j-dbe8"},{"vulnerability":"VCID-p251-q8c6-q7am"},{"vulnerability":"VCID-p4p5-rdpu-jbd8"},{"vulnerability":"VCID-pky6-xd82-eyfr"},{"vulnerability":"VCID-q78a-242x-sua7"},{"vulnerability":"VCID-rz36-7x1c-bket"},{"vulnerability":"VCID-sxr6-fa71-97gs"},{"vulnerability":"VCID-t1jj-fxxa-1qc1"},{"vulnerability":"VCID-udhd-p57h-t7er"},{"vulnerability":"VCID-vdcw-7wrk-xqcx"},{"vulnerability":"VCID-vfxh-33r2-cfa8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tor@0.2.2.39-1"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3519","reference_id":"","reference_type":"","scores":[{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.7078","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70822","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3519"},{"reference_url":"https://security.gentoo.org/glsa/201301-03","reference_id":"GLSA-201301-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-03"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-542d-815e-83cw"}