SmallTown123/details-for-CVE-2022-46505

Releases0

MatrixSSL session resume bug

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-46505 ↗	Jan 18, 2023Wednesday, 18 January 2023, 16:15	7.5 HIGH	—
An issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data.