Upstream information

CVE-2024-33900 at MITRE

Description

** DISPUTED ** KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

SUSE Bugzilla entry: 1224789 [RESOLVED / WONTFIX]

No SUSE Security Announcements cross referenced.


SUSE Timeline for this CVE

CVE page created: Tue May 21 00:00:02 2024
CVE page last modified: Wed Nov 27 12:15:52 2024