PT-2021-14420 · Brave · Brave

Newfunction

Published: 2021-02-23 · Updated: 2022-01-07 · CVE-2021-21323

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Brave versions 1.17.73 through 1.20.103

Description

The issue concerns the CNAME adblocking feature in Brave, which was added in version 1.17.73. This feature accidentally initiated DNS requests that bypassed the Brave Tor proxy. As a result, users with adblocking enabled would leak DNS requests from Tor windows to their DNS provider. DNS requests not initiated by CNAME adblocking would still go through Tor as expected.

Recommendations

For versions 1.17.73 through 1.20.103, update to version 1.20.108 to resolve the issue. As a temporary workaround, consider disabling the CNAME adblocking feature until the update to version 1.20.108 is applied.

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

CVE-2021-21323
GHSA-MQJF-9X5G-2RV6

Affected Products

Brave