CVE-2021-34421
3.7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from the customer's device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Zoom Video Communications Inc | Keybase Client for Android | unspecified < 5.8.0 | affected |
| Zoom Video Communications Inc | Keybase Client for iOS | unspecified < 5.8.0 | affected |
Weaknesses
- Cleartext Storage of Sensitive Information
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.