CVE-2022-0725

A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs.

Published: Mar 10, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-0725
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-532

Affected Software
References

Software	From	Fixed in
keepass / keepass	2.48	2.48.x
fedoraproject / fedora	35	35.x
fedoraproject / extra_packages_for_enterprise_linux	7.0	7.0.x

https://bugzilla.redhat.com/show_bug.cgi?id=2052696

Vulnerability Database

289,599

CVE-2022-0725