CVE-2021-45884

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
4.3
MEDIUM
Affected
2
PROJECTS

Description

In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based adblocking and a proxying extension with a SOCKS fallback are enabled, additional DNS requests are issued outside of the proxying extension using the system's DNS settings, resulting in information disclosure. NOTE: this issue exists because of an incomplete fix for CVE-2021-21323 and CVE-2021-22916.

brave/brave-core
brave/brave-core
Core engine for the Brave browser for mobile and desktop. For issues https://github.com/brave/brave-browser/issues
GitHubGitHub
3.37K
brave/brave-browser
brave/brave-browser
Brave browser for Android, iOS, Linux, macOS, Windows.
GitHubGitHub
22.9K