CVE-2022-0725
Summary
| CVE | CVE-2022-0725 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-03-10 17:44:00 UTC |
| Updated | 2022-10-28 18:14:00 UTC |
| Description | A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs. |
Risk And Classification
Problem Types: CWE-532
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Fedoraproject | Extra Packages For Enterprise Linux | 7.0 | All | All | All |
| Operating System | Fedoraproject | Fedora | 35 | All | All | All |
| Application | Fedoraproject | Fedora Extra Packages For Enterprise Linux | 7.0 | All | All | All |
| Application | Keepass | Keepass | 2.48 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| GitHub - ByteHackr/keepass_poc: POC for KeePass [CVE-2022-0725] | MISC | github.com | |
| 2052696 – (CVE-2022-0725) CVE-2022-0725 keepass: logs plain text passwords in system log when clearing the clipboard | MISC | bugzilla.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.