CVE-2021-22929
31.08.2021, 17:15
An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log.Enginsight
| Vendor | Product | Version |
|---|---|---|
| brave | brave | 𝑥 < 1.28.62 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-312 - Cleartext Storage of Sensitive InformationThe product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
- CWE-532 - Insertion of Sensitive Information into Log FileInformation written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.