Information Disclosure in Brave Browser: Logged Timestamps of Connections to V2 Onion Domains

Information Disclosure in Brave Browser: Logged Timestamps of Connections to V2 Onion Domains

CVE-2021-22929 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N

An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log.

Learn more about our Cis Benchmark Audit For Desktop Software.