CVE-2021-22917

EPSS 1.2%CWE-200

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.

Affected products

n/a · https://github.com/brave/brave-core

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://hackerone.com/reports/1077022