Security Advisory

CVE-2023-36325

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-09 00:00:00

Last updated 2024-11-04 21:26:16

Assigner mitre

State PUBLISHED

Description

i2p before 2.3.0 (Java) allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden services (aka eepsites) via a correlation attack across the IPv4 and IPv6 addresses that occurs when a tunneled, replayed message has a behavior discrepancy (it may be dropped, or may result in a Wrong Destination response). An attack would take days to complete.

← Browse all CVEs View on cve.org ↗