Please remember that Tor has since fixed these bugs. What is important, though, is that nobody (not even the government) should be allowed to legally decipher _all_ (or most) of the traffic going through a network/service.

We could say the same for HTTPs, because it also had its fair share of vulnerabilities.