Brave Software

target_in_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
0x0d8775f648430679a709e98d2b0cb6250d2887ef OTHER critical
We are particularly interested in any security issue which has consequences for this Ethereum address.
0x44fcfabfbe32024a01b778c025d70498382cced0 OTHER critical
We are particularly interested in any security issue which has consequences for this Ethereum address.
0x67fa2c06c9c6d4332f330e14a66bdf1873ef3d2b OTHER critical
We are particularly interested in any security issue which has consequences for this Ethereum address.
0x7c31560552170ce96c4a7b018e93cddc19dc61b6 OTHER critical
We are particularly interested in any security issue which has consequences for this Ethereum address.
0xfbfa258b9028c7d4fc52ce28031469214d10daeb OTHER critical
We are particularly interested in any security issue which has consequences for this Ethereum address.
basicattentiontoken.org URL medium low medium critical
We are not generally interested in bugs on the static website hosted <basicattentiontoken.org>. Particularly severe bugs which threaten immediate user harm may be considered. Due to report volume, we do not guarantee responses to website-related submissions.
brave.com URL medium low medium critical
We are not generally interested in bugs on <brave.com>. Particularly severe bugs which threaten immediate user harm may be considered. Due to report volume, we do not guarantee responses to website-related submissions.
com.brave.browser GOOGLE_PLAY_APP_ID high high high critical
com.brave.ios.browser APPLE_STORE_APP_ID high high high critical
https://github.com/brave-intl/bat-balance SOURCE_CODE critical
https://github.com/brave-intl/bat-client SOURCE_CODE high high high critical
https://github.com/brave-intl/bat-go SOURCE_CODE critical
https://github.com/brave-intl/bat-ledger SOURCE_CODE high high high critical
https://github.com/brave-intl/bat-publisher SOURCE_CODE critical
https://github.com/brave-intl/publishers SOURCE_CODE critical
https://github.com/brave/browser-android-tabs SOURCE_CODE high high high critical
https://github.com/brave/browser-ios SOURCE_CODE high high high critical
https://github.com/brave/browser-laptop SOURCE_CODE critical
https://github.com/brave/muon SOURCE_CODE high high high critical
https://github.com/brave/vault-updater SOURCE_CODE critical
https://laptop-updates.brave.com/latest/dev/debian64 DOWNLOADABLE_EXECUTABLES high high high critical
https://laptop-updates.brave.com/latest/dev/ubuntu64 DOWNLOADABLE_EXECUTABLES critical
https://laptop-updates.brave.com/latest/fedora64 DOWNLOADABLE_EXECUTABLES high high high critical
https://laptop-updates.brave.com/latest/linux64 DOWNLOADABLE_EXECUTABLES high high high critical
https://laptop-updates.brave.com/latest/mint64 DOWNLOADABLE_EXECUTABLES high high high critical
https://laptop-updates.brave.com/latest/openSUSE64 DOWNLOADABLE_EXECUTABLES critical
https://laptop-updates.brave.com/latest/osx DOWNLOADABLE_EXECUTABLES high high high critical
https://laptop-updates.brave.com/latest/winia32 DOWNLOADABLE_EXECUTABLES high high high critical
https://laptop-updates.brave.com/latest/winx64 DOWNLOADABLE_EXECUTABLES high high high critical
publishers.basicattentiontoken.org URL critical
https://github.com/brave/brave-ios SOURCE_CODE high high high critical
com.brave.browser_beta GOOGLE_PLAY_APP_ID critical

target_out_of_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
com.linkbubble.playstore GOOGLE_PLAY_APP_ID none
LinkBubble is no longer in scope
https://github.com/brave/link-bubble SOURCE_CODE none
LinkBubble is no longer in scope
https://github.com/brave/browser-laptop SOURCE_CODE none low none none
Brave has moved from the Muon-based `browser-laptop` codebase to a Chromium-based `brave-browser` codebase. Muon-based Brave is no longer available for download from <brave.com> and everyone will be migrated to the Chromium-based Brave in a few weeks.
https://github.com/brave/muon SOURCE_CODE none none none none
Since Brave is moving from Muon to Chromium, we will no longer be maintaining the Muon codebase.
https://github.com/brave/browser-ios SOURCE_CODE high high high none