CVE-2022-47932
MEDIUM WAF: Medium
CVSS 6.5
Published: 2022-12-24
CWE-400
Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933.
WAF Coverage Analysis
Uncontrolled Resource Consumption
Medium WAF Coverage
OWASP: A05:2021 Security Misconfiguration
912xxx - DOS Protection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| brave | brave | up to 1.42.51 |
References
- github.com (Exploit, Issue Tracking, Third Party Advisory)
- github.com (Patch, Third Party Advisory)
- github.com (Patch, Third Party Advisory)
- hackerone.com (Permissions Required, Third Party Advisory)