CNNVD-202601-4624 Information

CNNVD ID

CNNVD-202601-4624

Related CVE

CVE-2026-24785

• CNNVD Published: 2026-01-28

Description (Chinese)

Clatter是Joni Lepistö个人开发者的一个Rust库。 Clatter 2.2.0之前版本存在加密问题漏洞，该漏洞源于允许违反PSK有效性规则的握手模式，可能导致密钥重用。

Description (English)

Clatter is a Rust library of Joni Lepistö’s personal developer. There was a encryption loophole in the previous version of Clatter 2.2.0, which resulted from a handshake model that allowed violations of the PSK validity rules, which could lead to re-use of the key.

Hazard Level

Low

Vulnerability Type

加密问题

Affected Vendor

个人开发者

Published

2026-01-28

Last Modified

2026-02-24

References

https://github.com/jmlepisto/clatter/commit/b65ae6e9b8019bed5407771e21f89ddff17c5a71 https://github.com/jmlepisto/clatter/security/advisories/GHSA-253q-9q78-63x4 https://noiseprotocol.org/noise.html#validity-rule

Patch

https://github.com/jmlepisto/clatter/releases