CVE-2021-34421

Summary

The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from the customer's device.

Affected Software

VendorProductVersion RangeStatus
Zoom Video Communications IncKeybase Client for Androidunspecified < 5.8.0affected
Zoom Video Communications IncKeybase Client for iOSunspecified < 5.8.0affected

Weaknesses

  • Cleartext Storage of Sensitive Information

ADP Enrichment

CVE Program Container

Additional References

References