Back to search
CVE-2021-45884
Published: Dec 27, 2021
Modified: Aug 4, 2024
PUBLISHED
Description
In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based adblocking and a proxying extension with a SOCKS fallback are enabled, additional DNS requests are issued outside of the proxying extension using the system's DNS settings, resulting in information disclosure. NOTE: this issue exists because of an incomplete fix for CVE-2021-21323 and CVE-2021-22916.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/brave/brave-core/pull/10742
x_refsource_MISC
https://github.com/brave/brave-browser/issues/19070
x_refsource_MISC
https://github.com/brave/brave-browser/issues/20079
x_refsource_MISC
https://hackerone.com/reports/1377864
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now