Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Retained exploded messages in Keybase clients for macOS and Windows
Vulnerability Description
The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user’s filesystem.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
Keybase 信息泄露漏洞
Vulnerability Description
Keybase是一套基于PGP技术的、支持端到端加密的社交网络平台。 Keybase 存在信息泄露漏洞,该漏洞源于 Keybase 客户端无法正确删除用户发起的 exploded messages。 如果接收用户切换到非聊天功能并在发送用户 exploded messages 之前将主机置于睡眠状态,则可能会发生这种情况。 这可能会导致本应从用户文件系统中删除的敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A