ALT Linux Team

Package keepassx update in t6 on 2016-01-05

ALT-PU-2016-1006-1

Package keepassx updated to version 0.4.4-alt0.M60T.1 for branch t6 in task 155658.

Closed vulnerabilities

Published: 2017-04-10
Modified: 2025-04-20

CVE-2015-8378

In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile.

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Severity: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top