CVE-2022-22779
3.7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user’s filesystem.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Zoom Video Communications Inc | Keybase Client for macOS | unspecified < 5.9.0 | affected |
| Zoom Video Communications Inc | Keybase Client for Windows | unspecified < 5.9.0 | affected |
Weaknesses
- Improper Enforcement of Behavioral Workflow
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.