Information Disclosure Vulnerability in Brave Browser Desktop (Versions 1.17-1.20) with Adblocking and Tor Windows

Information Disclosure Vulnerability in Brave Browser Desktop (Versions 1.17-1.20) with Adblocking and Tor Windows

CVE-2021-22917 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.

Learn more about our Cis Benchmark Audit For Desktop Software.