cvedb.io
CVE-2021-46702
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2022-02-26T03:15:07.407 · Last modified 2026-06-17T04:15:24.113

Summary

Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could allow local attackers to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user. This can be accomplished by analyzing RAM memory even several hours after the local user used the product. This occurs because the product doesn't properly free memory.

Affected products

torproject — tor

Does this affect you?

Add your gear to cvedb and we'll alert you only when torproject ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.