First published: Wed Jan 03 2018(Updated: )
Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect access control issue in the "JS fingerprinting blocking" component, resulting in a malicious website being able to access the fingerprinting-associated browser functionality (that the browser intends to block).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Brave Browser | <=0.19.73 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-1000461 is a vulnerability in Brave Browser version 0.19.73 and earlier.
The severity of CVE-2017-1000461 is medium with a CVSS score of 4.7.
CVE-2017-1000461 allows a malicious website to access the fingerprinting-related browser functionality that Brave Browser intends to block.
Yes, upgrading to the latest version of Brave Browser will fix the CVE-2017-1000461 vulnerability.
You can find more information about CVE-2017-1000461 at the following link: [reference](https://github.com/brave/browser-laptop/issues/11683#issuecomment-339835601)