CVE-2022-47932
https://notcve.org/view.php?id=CVE-2022-47932
Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933. Brave Browser anterior a 1.43.34 permitía a un atacante remoto provocar una Denegación de Servicio (DoS) a través de un archivo HTML manipulado que menciona una URL ipfs:// o ipns://. Esta vulnerabilidad se debe a una solución incompleta para CVE-2022-47933. • https://github.com/brave/brave-browser/issues/24093 https://github.com/brave/brave-core/commit/e73309665508c17e48a67e302d3ab02a38d3ef50 https://github.com/brave/brave-core/pull/14211 https://hackerone.com/reports/1636430 •
CVE-2022-30334
https://notcve.org/view.php?id=CVE-2022-30334
Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser." Brave versiones anteriores a 1.34, cuando se usa una Ventana Privada con Conectividad Tor, filtra URLs .onion en los encabezados Referer y Origin. NOTA: aunque esto fue arreglado por Brave, la documentación de Brave todavía aconseja "Tenga en cuenta que las Ventanas Privadas con Conectividad Tor en Brave son sólo ventanas privadas regulares que usan Tor como proxy. • https://github.com/brave/brave-browser/issues/18071 https://github.com/brave/brave-core/pull/10760 https://hackerone.com/reports/1337624 https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor-Connectivity- • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2021-22929
https://notcve.org/view.php?id=CVE-2021-22929
An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log. Se presenta una divulgación de información en Brave Browser Desktop versiones anteriores a 1.28.62, donde se registraban mensajes de advertencia que incluían marcas de tiempo de conexiones a dominios V2 onion en tor.log • https://hackerone.com/reports/1249056 • CWE-312: Cleartext Storage of Sensitive Information CWE-532: Insertion of Sensitive Information into Log File •
CVE-2018-10799
https://notcve.org/view.php?id=CVE-2018-10799
A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element. Se ha descubierto un problema de bloqueo en Brave en versiones anteriores a la 0.14.0 (por ejemplo, en Linux). La vulnerabilidad está provocada por la gestión incorrecta de una URL larga formada por una concatenación window.location+='? • https://hackerone.com/reports/181558 • CWE-20: Improper Input Validation •
CVE-2018-10798
https://notcve.org/view.php?id=CVE-2018-10798
A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). The vulnerability is caused by mishandling of JavaScript code that triggers the reload of a page continuously with an interval of 1 second. Se ha descubierto un problema de bloqueo en Brave en versiones anteriores a la 0.14.0 (por ejemplo, en Linux). La vulnerabilidad está provocada por la gestión incorrecta de código JavaScript que desencadena la recarga de una página continuamente con un intervalo de 1 segundo. • https://hackerone.com/reports/181686 • CWE-20: Improper Input Validation •