Описание
In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.17.0 (включая) до 1.26.60 (включая)
cpe:2.3:a:brave:brave:*:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00128
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-200
NVD-CWE-Other
Связанные уязвимости
CVSS3: 5.9
debian
больше 4 лет назад
In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is ...
CVSS3: 5.9
github
больше 3 лет назад
In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure.
EPSS
Процентиль: 33%
0.00128
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-200
NVD-CWE-Other