SimpleXMQ before 3.4.0, as used in... CVE-2022-45195

- AV AC AU C I A
发布: 2022-11-12
修订: 2024-11-21

SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation function to intended data, which can interfere with forward secrecy and can have other impacts if there is a compromise of a single private key. This occurs in the X3DH key exchange for the double ratchet protocol.

0%
暂无可用Exp或PoC
当前有2条受影响产品信息