CVE-2022-47932

Опубликовано: 24 дек. 2022

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933.

Ссылки

https://github.com/brave/brave-browser/issues/24093
Exploit
Issue Tracking
Third Party Advisory
https://github.com/brave/brave-core/commit/e73309665508c17e48a67e302d3ab02a38d3ef50
Patch
Third Party Advisory
https://github.com/brave/brave-core/pull/14211
Patch
Third Party Advisory
https://hackerone.com/reports/1636430
Permissions Required
Third Party Advisory
https://github.com/brave/brave-browser/issues/24093
Exploit
Issue Tracking
Third Party Advisory
https://github.com/brave/brave-core/commit/e73309665508c17e48a67e302d3ab02a38d3ef50
Patch
Third Party Advisory
https://github.com/brave/brave-core/pull/14211
Patch
Third Party Advisory
https://hackerone.com/reports/1636430
Permissions Required
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:brave:brave:*:*:*:*:*:*:*:*

Версия до 1.42.51 (исключая)

EPSS

Процентиль: 73%

0.00758

Низкий

6.5 Medium

CVSS3

Дефекты

NVD-CWE-Other

CWE-400

Связанные уязвимости

CVE-2022-47932

CVSS3: 6.5

debian

около 3 лет назад

Brave Browser before 1.43.34 allowed a remote attacker to cause a deni ...

GHSA-7g3f-6r3q-3qmq

CVSS3: 6.5

github

около 3 лет назад

EPSS

Процентиль: 73%

0.00758

Низкий

6.5 Medium

CVSS3

Дефекты

NVD-CWE-Other

CWE-400