Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Arbitrary command execution in Keybase Client for Windows
Vulnerability Description
A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user\'s Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user\'s local system.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
Keybase 安全漏洞
Vulnerability Description
Keybase是一套基于PGP技术的、支持端到端加密的社交网络平台。 Keybase 5.6.0 版本之前的 Windows 版客户端中存在安全漏洞,对用户的 Git 存储库具有写入权限的恶意行为者可以利用此漏洞在用户的本地系统上执行任意 Windows 命令。
CVSS Information
N/A
Vulnerability Type
N/A