We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | mitre |
Updated | 2024-08-02 |
KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs.
https://gist.github.com/Fastor01/30c6d89c842feb1865ec2cd2d3806838
https://github.com/keepassxreboot/keepassxc/issues/10784
https://keepassxc.org/blog/2019-02-21-memory-security/