Brave Browser before 1.42.51 allowed a remote attacker to cause a denial of service via a crafted HTML file that references the IPFS scheme. This vuln

BROWSER

15-04-2025 19:44

CVE-2022-47933 Vulnerabilidad documentada

6.5 MEDIUM

Tags

#brave

#browser

#vulnerability

#remote

#denial

#allow

#attack

Descripción

Brave Browser before 1.42.51 allowed a remote attacker to cause denial of service via crafted HTML file that references the IPFS scheme. This vulnerability is caused by an uncaught exception in function ipfs::OnBeforeURLRequest_IPFSRedirectWork() ipfs_redirect_network_delegate_helper.cc.

https://github.com/brave/brave-browser/issues/23646

https://github.com/brave/brave-browser/issues/24378

https://github.com/brave/brave-core/commit/7ef8cb2f232abdf59ec9c3c99a086a14b972bc56

https://github.com/brave/brave-core/pull/13989

https://hackerone.com/reports/1610343

https://github.com/brave/brave-browser/issues/23646

https://github.com/brave/brave-browser/issues/24378

https://github.com/brave/brave-core/commit/7ef8cb2f232abdf59ec9c3c99a086a14b972bc56

https://github.com/brave/brave-core/pull/13989

https://hackerone.com/reports/1610343

Referencia

Link externo

Ver detalles

Fuente

https://nvd.nist.gov/vuln/detail/CVE-2022-47933

Resultados similares

Coincidentes en almenos en 50% de los tags

18-04-2025 CVE-2024-45651
IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 does not invalidate session ...
Ver información

17-04-2025 CVE-2025-2197
Browser is affected by type confusion vulnerability, successful exploitation of this vulnerabil...
Ver información