{"vulnerability": "CVE-2021-39246", "sightings": [{"uuid": "982b572f-9b53-4ab5-ae73-82b38bc4d97b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39246", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7313", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2021-39246 \u2013 Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack excessive verbose logging \u2013 Windows, macOS, Linux\n\nhttps://sick.codes/sick-2021-111/", "creation_timestamp": "2021-09-26T06:30:57.000000Z"}, {"uuid": "0a0ac6c9-e1df-485d-99cd-b86b2b2e940c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39246", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4386", "content": "#exploit\n1. CVE-2021-39246:\nTor Browser through 10.5.6, 11.x through 11.0a4 allows a correlation attack excessive verbose logging - Windows, macOS, Linux\nhttps://sick.codes/sick-2021-111\n2. CVE-2020-10086:\nGitLab 10.4 - 12.8.1 - Directory Traversal\nhttps://github.com/Mochican/CVE-2021-10086", "creation_timestamp": "2021-09-27T13:09:13.000000Z"}, {"uuid": "8ad9770b-a9fa-4c6e-9b11-c2064b0fe09b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39246", "type": "seen", "source": "https://t.me/cibsecurity/29402", "content": "\u203c CVE-2021-39246 \u203c\n\nTor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack that can compromise the privacy of visits to v2 onion addresses. If --log or --verbose is used, exact timestamps of these onion-service visits are logged locally, and an attacker might be able to compare them to timestamp data collected by the destination server (or collected by a rogue site within the Tor network).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-24T22:31:02.000000Z"}]}