Vulnerabilities (Page 6)

macOS Gatekeeper Bypass

Gatekeeper would misclassify certain types of applications, allowing them to run without any restriction. Specifically, you can cause confusion in the policy engine regarding whether the app is bundled or not…

 

Insecurely Configured File Provider Exposes Brave's Cookie Database

When configuring its File Provider, Brave exposes all files from its public and private directories. This means an app could trigger a download of Brave’s cookie database by making a request to the content:// URL for it and have it downloaded into the Downloads folder, where any app could read it.
