Описание
The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from the customer's device.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
3.7 Low
CVSS3
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from the customer's device.
Уязвимость клиента каталог открытых ключей Keybase для iOS и Android, существующая из-за неполной очистки временные или вспомогательные ресурсов, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
EPSS
3.7 Low
CVSS3
4.3 Medium
CVSS3
4.3 Medium
CVSS2