2.1
CVSSv2

CVE-2021-46702

Published: 26/02/2022 Updated: 10/03/2022
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could allow local malicious users to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user. This can be accomplished by analyzing RAM memory even several hours after the local user used the product. This occurs because the product doesn't properly free memory.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

torproject tor 9.0.7

Github Repositories

Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could allow local attackers to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user. This can be accomplished by analyzing RAM memory even several hours after the local user used the product. This…

CVE-2021-46702 Description: Tor Browser 907 on Windows 10 build 10586 is vulnerable to information disclosure This could allow local attackers to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user This can be accomplished by analyzing RAM memory even several hours after the local user used the product This occu