{"id":"CVE-2021-22917","details":"Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.","modified":"2026-04-10T04:35:35.114570Z","published":"2021-07-12T11:15:07.853Z","references":[{"type":"ADVISORY","url":"https://hackerone.com/reports/1077022"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/brave/brave-ios","events":[{"introduced":"0"},{"fixed":"e676dd6c6200ee251dda7ca6e068be3f77399ef2"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.20"}]}}],"versions":["1.13-public","v0.0","v1.10","v1.11","v1.11.2","v1.12","v1.12.1","v1.13","v1.14","v1.14.2","v1.15","v1.16","v1.16.1","v1.17","v1.19","v1.19.1","v1.19.2","v1.7","v1.7.1","v1.7.2","v1.8","v1.9","v1.9.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22917.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}]}