Lucene search
HistoryJun 17, 2024 - 8:15 a.m.
CVE-2024-36289
encryption
vulnerability
freefrom
nonce
key pair
android
ios
man-in-the-middle
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Reusing a nonce, key pair in encryption issue exists in “FreeFrom - the nostr client” App versions prior to 1.3.5 for Android and iOS. If this vulnerability is exploited, the content of direct messages (DMs) between users may be manipulated by a man-in-the-middle attack.
Related
cvelist
cvelist
CVE-2024-36289
2024-06-17 07:34:25
vulnrichment
vulnrichment
CVE-2024-36289
2024-06-17 07:34:25
cve
cve
CVE-2024-36289
2024-06-17 08:15:49
jvn
jvn
JVN#55045256: Multiple vulnerabilities in "FreeFrom - the nostr client" App
2024-06-07 00:00:00
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Related for NVD:CVE-2024-36289