CVE-2023-33983

Name of the Vulnerable Software and Affected Versions Briar versions 1.5.3 and earlier

Description The Introduction Client in Briar does not implement out-of-band verification for the public keys of introducees. This allows an introducer to launch man-in-the-middle attacks against later private communication between two introduced parties.

Recommendations For Briar versions 1.5.3 and earlier, as a temporary workaround, consider disabling the introduction feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.