Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation function to intended data, which can interfere with forward secrecy and can have other impacts if there is a compromise of a single private key. This occurs in the X3DH key exchange for the double ratchet protocol.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SimpleXMQ 加密问题漏洞
Vulnerability Description
SimpleXMQ是SimpleX Chat开源的一种 SimpleX 消息协议的参考实现。用于公共网络上的单工队列。 SimpleXMQ 3.4.0之前的版本存在安全漏洞,该漏洞源于其double ratchet协议的X3DH密钥交换过程没有对预期的数据应用密钥派生函数可能会干扰转发保密性。
CVSS Information
N/A
Vulnerability Type
N/A