CVE-2023-33980

Bramble Synchronisation Protocol BSP in Briar before 1.4.22 allows attackers to cause a denial of service repeated application crashes via a series of long messages to a contact...

CVE-2023-33981

Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private group, but each spoofed message would need to be an exact duplicate of a legitimate message displayed alongside the spoofed one...

PT-2023-24616 · Briar · Briar

Name of the Vulnerable Software and Affected Versions: Briar versions prior to 1.5.3 Description: The issue affects the Bramble Handshake Protocol BHP in Briar, allowing eavesdroppers to decrypt network traffic between two accounts if they later compromise both accounts. However, the eavesdroppin...

CVE-2023-33982

Bramble Handshake Protocol BHP in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...