CVE-2022-45195
SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation function to intended data, which can interfere with forward secrecy and can have other impacts if there is a compromise of a single private key. This occurs in the X3DH key exchange for the double ratchet protocol.
Date published : 2022-11-12
https://github.com/simplex-chat/simplexmq/compare/v3.3.0…v3.4.0