CVE-2022-45195

SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation function to intended data, which can interfere with forward secrecy and can have other impacts if there is a compromise of a single private key. This occurs in the X3DH key exchange for the double ratchet protocol.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:simplex:simplex_chat:*:*:*:*:*:*:*:*
cpe:2.3:a:simplex:simplexmq:*:*:*:*:*:*:*:*

Information

Published : 2022-11-12 11:15

Updated : 2022-11-17 09:06


NVD link : CVE-2022-45195

Mitre link : CVE-2022-45195


JSON object : View

CWE
CWE-327

Use of a Broken or Risky Cryptographic Algorithm

Advertisement

dedicated server usa

Products Affected

simplex

  • simplex_chat
  • simplexmq