Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-30334

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-30334

Description:
Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser."
Last updated date:
05/17/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
05/17/2022
Reference url to background

https://github.com/brave/brave-core/pull/10760

Type:
exploit
Confidence:
HIGH
Date of publishing:
05/17/2022
Reference url to background

https://hackerone.com/reports/1337624

Vulnerability FeedContributorsAbout

@inTheWild

©2022

Privacy Policy