Filtered by vendor Simplex Subscriptions
Filtered by product Simplex Chat Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-45195 1 Simplex 2 Simplex Chat, Simplexmq 2022-11-17 5.3 Medium
SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation function to intended data, which can interfere with forward secrecy and can have other impacts if there is a compromise of a single private key. This occurs in the X3DH key exchange for the double ratchet protocol.