CVE-2023-33981

Опубликовано: 24 мая 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private group, but each spoofed message would need to be an exact duplicate of a legitimate message displayed alongside the spoofed one.

Ссылки

https://briarproject.org/news/2023-three-security-issues-found-and-fixed/
Vendor Advisory
https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_YuanmingSong.pdf
Exploit
Technical Description
Third Party Advisory
https://briarproject.org/news/2023-three-security-issues-found-and-fixed/
Vendor Advisory
https://ethz.ch/content/dam/ethz/special-interest/infk/inst-infsec/appliedcrypto/education/theses/report_YuanmingSong.pdf
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:briarproject:briar:*:*:*:*:*:*:*:*

Версия до 1.4.22 (исключая)

EPSS

Процентиль: 31%

0.00119

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-354

Связанные уязвимости

CVE-2023-33981

CVSS3: 6.5

debian

больше 2 лет назад

Briar before 1.4.22 allows attackers to spoof other users' messages in ...

GHSA-h8qw-575q-g9c5

CVSS3: 6.5

github

больше 2 лет назад

EPSS

Процентиль: 31%

0.00119

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-354