Brave 1.23.41

CPE Details

Brave 1.23.41
brave
brave
1.23.41
2021-07-12
10h32 +00:00
2021-07-12
10h39 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:brave:brave:1.23.41:*:*:*:*:*:*:*

Informations

Vendor

brave

Product

brave

Version

1.23.41

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-28360 2023-05-11 00h00 +00:00 An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the user.
4.3
Medium
CVE-2022-47932 2022-12-23 23h00 +00:00 Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933.
6.5
Medium
CVE-2022-47933 2022-12-23 23h00 +00:00 Brave Browser before 1.42.51 allowed a remote attacker to cause a denial of service via a crafted HTML file that references the IPFS scheme. This vulnerability is caused by an uncaught exception in the function ipfs::OnBeforeURLRequest_IPFSRedirectWork() in ipfs_redirect_network_delegate_helper.cc.
6.5
Medium
CVE-2022-47934 2022-12-23 23h00 +00:00 Brave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private and guest windows via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This is caused by an incomplete fix for CVE-2022-47932 and CVE-2022-47934.
6.5
Medium
CVE-2022-30334 2022-05-07 02h29 +00:00 Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser."
5.3
Medium
CVE-2021-45884 2021-12-27 20h31 +00:00 In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based adblocking and a proxying extension with a SOCKS fallback are enabled, additional DNS requests are issued outside of the proxying extension using the system's DNS settings, resulting in information disclosure. NOTE: this issue exists because of an incomplete fix for CVE-2021-21323 and CVE-2021-22916.
7.5
High
CVE-2021-22929 2021-08-31 14h53 +00:00 An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log.
6.1
Medium
CVE-2021-22916 2021-07-12 08h22 +00:00 In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure.
5.9
Medium