CVE-2022-47933

Name of the Vulnerable Software and Affected Versions Brave Browser versions prior to 1.42.51

Description The issue allows a remote attacker to cause a denial of service via a crafted HTML file that references the IPFS scheme. This is caused by an uncaught exception in the function ipfs::OnBeforeURLRequest IPFSRedirectWork() in ipfs redirect network delegate helper.cc.

Recommendations For versions prior to 1.42.51, update to version 1.42.51 or later to resolve the issue. As a temporary workaround, consider disabling the ipfs::OnBeforeURLRequest IPFSRedirectWork() function until a patch is available. Restrict access to HTML files that reference the IPFS scheme to minimize the risk of exploitation.