CVE-2024-37406

2024-09-1821:54:09

hackerone

www.cve.org

brave android

v1.67.116

shields popup

domain confusion

EPSS

Percentile

9.6%

JSON

In Brave Android prior to v1.67.116, domains in the Brave Shields popup are elided from the right instead of the left, which may lead to domain confusion.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "vendor": "Brave",
    "product": "Android Browser",
    "versions": [
      {
        "version": "1.67.116",
        "status": "affected",
        "lessThan": "1.67.116",
        "versionType": "semver"
      }
    ]
  }
]

References

hackerone.com/reports/2501378

EPSS

Percentile

9.6%

JSON

Related for CVELIST:CVE-2024-37406