Vulnerabilities > CVE-2019-12383 - Information Exposure Through Discrepancy vulnerability in Torproject TOR Browser

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
torproject
CWE-203

Summary

Tor Browser before 8.0.1 has an information exposure vulnerability. It allows remote attackers to detect the browser's UI locale by measuring a button width, even if the user has a "Don't send my language" setting.

Common Weakness Enumeration (CWE)