← back
CVE-2021-22917

CVE-2021-22917

EPSS 1.2%CWE-200
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
12 Jul 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.
Affected products
n/a · https://github.com/brave/brave-core

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://hackerone.com/reports/1077022