PT-2023-24616 · Briar · Briar

Kenny Paterson +1 · Published 2023-05-24 · Updated 2025-01-16 · CVE-2023-33982

CVSS v3.1: 5.9 Medium
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Briar versions prior to 1.5.3

Description: The issue affects the Bramble Handshake Protocol (BHP) in Briar, allowing eavesdroppers to decrypt network traffic between two accounts if they later compromise both accounts. However, the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden service protocol.

Recommendations: For versions prior to 1.5.3, update to version 1.5.3 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information until the update is applied.

Weakness Enumeration: Inadequate Encryption Strength

Related Identifiers: CVE-2023-33982

Affected Products: Briar