5 matches found
CVE-2023-52263
Brave Browser versions prior to 1.59.40 expose a vulnerability due to improper restriction of the WebUI factory and redirect schema in Brave’s WebUI files (notably brave_content_browser_client.cc and brave_web_ui_controller_factory.cc). The issue is documented across multiple feeds (NVD, Red Hat,...
CVE-2023-28364
CVE-2023-28364 describes an Open Redirect in Brave Browser for Android prior to 1.52.117, where the built-in QR scanner automatically navigated to scanned URLs without showing them first. The vulnerability could lead users to malicious sites via QR-scanned redirects. Evidence across multiple sour...
CVE-2016-9473
CVE-2016-9473 affects Brave Browser on iOS (before 1.2.18) and Android (before 1.9.56). The vulnerability is described as a Full Address Bar Spoofing issue that allows an attacker to display a malicious page for legitimate domain names, potentially misleading users about the site they’re viewing....
CVE-2021-22917
Brave Browser Desktop versions 1.17–1.20 are affected by an information-disclosure vulnerability where DNS requests in Tor windows do not flow through Tor when adblocking is enabled, leaking the user’s real IP (and DNS queries) to external DNS servers/IPs. The Red Hat and other sources corroborat...
CVE-2017-1000461
Brave Browser (0.19.73 and earlier) is affected by CVE-2017-1000461 due to an incorrect access-control flaw in the JS fingerprinting blocking component. This vulnerability could allow a malicious website to access fingerprinting-related browser functionality that the browser intends to block. The...