Lucene search

[email protected]NVD:CVE-2022-47932

HistoryDec 24, 2022 - 10:15 p.m.

CVE-2022-47932

2022-12-2422:15:09

[email protected]

web.nvd.nist.gov

brave browser

denial of service

crafted html file

ipfs

ipns

incomplete fix

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

61.7%

JSON

Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933.

Affected configurations

NVD

Node

bravebraveRange<1.42.51

References

github.com/brave/brave-browser/issues/24093

github.com/brave/brave-core/commit/e73309665508c17e48a67e302d3ab02a38d3ef50

github.com/brave/brave-core/pull/14211

hackerone.com/reports/1636430

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

61.7%

JSON

Related for NVD:CVE-2022-47932

osv3 cvelist3 prion3 cve3 nvd2