CVE-2021-22917

Опубликовано: 12 июл. 2021

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.

Ссылки

https://hackerone.com/reports/1077022
Third Party Advisory
https://hackerone.com/reports/1077022
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:brave:browser:*:*:*:*:*:*:*:*

Версия от 1.17 (исключая) до 1.20 (исключая)

EPSS

Процентиль: 53%

0.00301

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

NVD-CWE-Other

Связанные уязвимости

CVE-2021-22917

CVSS3: 6.5

debian

больше 4 лет назад

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to ...

GHSA-gvj3-42m2-8xqw

CVSS3: 6.5

github

больше 3 лет назад

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.

EPSS

Процентиль: 53%

0.00301

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

NVD-CWE-Other