Описание
Brave Browser before 1.42.51 allowed a remote attacker to cause a denial of service via a crafted HTML file that references the IPFS scheme. This vulnerability is caused by an uncaught exception in the function ipfs::OnBeforeURLRequest_IPFSRedirectWork() in ipfs_redirect_network_delegate_helper.cc.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- Issue TrackingRelease NotesThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Permissions RequiredThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Issue TrackingRelease NotesThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Permissions RequiredThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.42.51 (исключая)
cpe:2.3:a:brave:brave:*:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00725
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-755
CWE-755
Связанные уязвимости
CVSS3: 6.5
debian
около 3 лет назад
Brave Browser before 1.42.51 allowed a remote attacker to cause a deni ...
CVSS3: 6.5
github
около 3 лет назад
Brave Browser before 1.42.51 allowed a remote attacker to cause a denial of service via a crafted HTML file that references the IPFS scheme. This vulnerability is caused by an uncaught exception in the function ipfs::OnBeforeURLRequest_IPFSRedirectWork() in ipfs_redirect_network_delegate_helper.cc.
EPSS
Процентиль: 72%
0.00725
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-755
CWE-755