Keybase 1.0.0-36

CPE Details

Keybase 1.0.0-36
keybase
keybase
1.0.0-36
2019-09-30
10h52 +00:00
2019-09-30
10h52 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:keybase:keybase:1.0.0-36:*:*:*:*:*:*:*

Informations

Vendor

keybase

Product

keybase

Version

1.0.0-36

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-22779 2022-02-09 22h05 +00:00 The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user’s filesystem.
3.7
Bas
CVE-2021-34426 2021-12-14 19h26 +00:00 A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user\'s Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user\'s local system.
7.8
Haute
CVE-2021-23827 2021-02-22 22h07 +00:00 Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the "Explode message/Explode now" functionality. Local filesystem access is needed by the attacker.
5.5
Moyen