CVE-2021-22917

Summary

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.

Affected Software

VendorProductVersion RangeStatus
n/ahttps://github.com/brave/brave-coreFixed in 1.20affected

Weaknesses

  • CWE-200: Information Disclosure (CWE-200)

ADP Enrichment

CVE Program Container

Additional References

References