CVE-2022-46505

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data.

SmallTown123/details-for-CVE-2022-46505
SmallTown123/details-for-CVE-2022-46505
MatrixSSL session resume bug
GitHubGitHub