Unrated severityNVD Advisory· Published Aug 31, 2021· Updated Aug 3, 2024

CVE-2021-22929

Description

An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log.

Affected products

Brave/Browser Desktopdescription
osv-coords5 versions
pkg:rpm/opensuse/tor&distro=openSUSE%20Leap%2015.2 pkg:rpm/opensuse/tor&distro=openSUSE%20Leap%2015.3 pkg:rpm/opensuse/tor&distro=openSUSE%20Tumbleweed pkg:rpm/suse/tor&distro=SUSE%20Package%20Hub%2015%20SP2 pkg:rpm/suse/tor&distro=SUSE%20Package%20Hub%2015%20SP3
< 0.4.6.8-bp153.2.9.1+ 4 more
- (no CPE)range: < 0.4.6.8-bp153.2.9.1
- (no CPE)range: < 0.4.6.8-bp153.2.9.1
- (no CPE)range: < 0.4.6.8-1.1
- (no CPE)range: < 0.4.6.8-bp152.2.18.1
- (no CPE)range: < 0.4.6.8-bp153.2.9.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

hackerone.com/reports/1249056mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000