CVE-2021-22916

In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure...

CVE-2021-22917

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled...

EUVD-2021-10046

Malware in sbrugna...

EUVD-2021-10045

Malware in sbrugna...

EUVD-2021-8669

Malicious code in bioql PyPI...

EUVD-2021-32600

Malicious code in bioql PyPI...

CVE-2021-21323

Brave is an open source web browser with a focus on privacy and security. In Brave versions 1.17.73-1.20.103, the CNAME adblocking feature added in Brave 1.17.73 accidentally initiated DNS requests that bypassed the Brave Tor proxy. Users with adblocking enabled would leak DNS requests from Tor...

Bromite 安全漏洞

Bromite is a Chromium fork. It is used for adblocking and privacy enhancement. Bromite has a security vulnerability that stems from the fact that Bromite comes with a hard-coded adblock filter, with versions recognized by the rules it has...

CVE-2021-45884

In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based adblocking and a proxying extension with a SOCKS fallback are enabled, additional DNS requests are issued outside of the proxying extension using the system's DNS settings, resulting in information disclosure. NOTE: this issue...

Design/Logic Flaw

In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based adblocking and a proxying extension with a SOCKS fallback are enabled, additional DNS requests are issued outside of the proxying extension using the system's DNS settings, resulting in information disclosure. NOTE: this issue...

CVE-2021-22917

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled...

CVE-2021-22916

In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure...

CVE-2021-22916

In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure...

Information disclosure

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled...

Information disclosure

In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure...

CVE-2021-22917

Brave Browser Desktop versions 1.17–1.20 are affected by an information-disclosure vulnerability where DNS requests in Tor windows do not flow through Tor when adblocking is enabled, leaking the user’s real IP (and DNS queries) to external DNS servers/IPs. The Red Hat and other sources corroborat...

CVE-2021-22917

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled...

CVE-2021-22916

In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure...

CVE-2021-22916

Brave Desktop CVE-2021-22916 involves information disclosure when CNAME-based adblocking is used with a proxy extension; DNS requests can be issued via system DNS settings instead of the extension proxy, exposing potentially sensitive data. Connected sources corroborate: affected versions include...

PT-2021-15274 · Brave · Brave Browser

Name of the Vulnerable Software and Affected Versions: Brave Browser Desktop versions 1.17 through 1.20 Description: The issue concerns information disclosure through DNS requests in Tor windows that do not flow through Tor when adblocking is enabled. Recommendations: For versions 1.17 through...