Known Vulnerabilities for products from Brave
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Brave".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-35655 | Not Provided | 2024-06-04 | 2026-04-01 | |
| CVE-2021-22929 | An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that includ... | 6.1 - MEDIUM | 2021-08-31 | 2021-09-10 |
| CVE-2021-22917 | Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor wi... | 6.5 - MEDIUM | 2021-07-12 | 2022-08-30 |
| CVE-2021-22916 | In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, th... | 5.9 - MEDIUM | 2021-07-12 | 2022-08-30 |
| CVE-2021-21323 | Brave is an open source web browser with a focus on privacy and security. In Brave versions 1.17.73-1.20.103, the CNAME adblo... | 5.3 - MEDIUM | 2021-02-23 | 2021-03-01 |
| CVE-2020-8276 | The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1.18.35 logged the timestamp ... | 5.5 - MEDIUM | 2020-11-09 | 2020-11-18 |
| CVE-2018-1000815 | Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains a Other/Unknown vulnerability in function ContentSettin... | 4.3 - MEDIUM | 2018-12-20 | 2019-02-06 |
| CVE-2018-10799 | A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). This vulnerability is caused by the mishandling ... | 6.5 - MEDIUM | 2018-05-08 | 2018-06-13 |
| CVE-2018-10798 | A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). The vulnerability is caused by mishandling of Ja... | 6.5 - MEDIUM | 2018-05-08 | 2018-06-13 |
| CVE-2017-1000461 | Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect access control issue in the "JS f... | 4.7 - MEDIUM | 2018-01-03 | 2019-10-03 |
| CVE-2017-18256 | Brave Browser before 0.13.0 allows remote attackers to cause a denial of service (resource consumption) via a long alert() ar... | 6.5 - MEDIUM | 2018-04-04 | 2019-10-03 |
| CVE-2017-8459 | ** DISPUTED ** Brave 0.12.4 has a Status Bar Obfuscation issue in which a redirection target is shown in a possibly unexpecte... | 6.5 - MEDIUM | 2017-05-03 | 2023-11-07 |
| CVE-2017-8458 | Brave 0.12.4 has a URI Obfuscation issue in which a string such as https://[email protected]/ is displayed ... | 6.5 - MEDIUM | 2017-05-03 | 2019-10-03 |
| CVE-2016-10718 | Brave Browser before 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of s... | 7.5 - HIGH | 2018-04-04 | 2018-05-10 |
| CVE-2016-9473 | Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing ... | 4.7 - MEDIUM | 2017-03-28 | 2021-03-19 |