CVE-2021-22916

CVE-2021-22916

Vendor N/A
Product https://github.com/brave/brave-core
Weakness CWE-200 · Info exposure
Published July 12, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure.

Key dates

02Disclosure timeline

July 12, 2021 CVE published
August 3, 2024 Record updated