![]() ![]() We are also monitoring the request to reject/dispute this CVE on the grounds it is not actually a vulnerability in our software. ![]() In addition, having lost control of your computer in this manner would mean the attacker could execute any number of security compromises against your KeePassXC database, regardless of requiring credentials prior to export or credential change.Īt this time, we are not planning any drastic changes to the program to address this submission. Keepass2Android Password Safe 1. Where this is true, there are numerous barriers to actually executing this attack sequence. The root of the argument submitted by the CVE author is that an attacker with unfettered access to an already unlocked database could export or change the password without requiring the original credentials. Additional information can be found in the discussion on GitHub. It is compatible with the popular KeePass 2. As the developers of KeePassXC, we do not consider the issue a vulnerability and have filed a request for the CVE to be rejected. Keepass2Android is an open source password manager application for Android. On Jan alleged KeePassXC vulnerability with the identifier CVE-2023–35866 was posted against KeePassXC versions up to 2.7.5. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |