Lucene search
GoogleOSV:CVE-2023-43617HistorySep 20, 2023 - 6:15 a.m.
CVE-2023-43617
2023-09-2006:15:10
Google
osv.dev
4
croc 9.6.5
security issue
custom shared secret
untrusted relay
room name
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
7
Confidence
Low
EPSS
0.001
Percentile
28.1%
An issue was discovered in Croc through 9.6.5. When a custom shared secret is used, the sender and receiver may divulge parts of this secret to an untrusted Relay, as part of composing a room name.
Related
osv
osv
Cros secrets may be disclosed to untrusted relay
2023-09-20 06:30:50
CGA-2c9v-p5v5-6ff2
2024-06-06 12:17:10
Cros secrets may be disclosed to untrusted relay in github.com/schollz/croc
2024-08-21 14:30:18
veracode
veracode
Sensitive Information Exposure
2023-09-29 10:17:55
cve
cve
CVE-2023-43617
2023-09-20 06:15:10
github
github
Cros secrets may be disclosed to untrusted relay
2023-09-20 06:30:50
alpinelinux
alpinelinux
CVE-2023-43617
2023-09-20 06:15:10
prion
prion
Design/Logic Flaw
2023-09-20 06:15:00
cvelist
cvelist
CVE-2023-43617
2023-09-20 00:00:00
vulnrichment
vulnrichment
CVE-2023-43617
2023-09-20 00:00:00
nvd
nvd
CVE-2023-43617
2023-09-20 06:15:10
wolfi
wolfi
CVE-2023-43617 vulnerabilities
2024-09-28 21:12:41
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
7
Confidence
Low
EPSS
0.001
Percentile
28.1%
Related for OSV:CVE-2023-43617