It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI.
References
Link | Resource |
---|---|
https://github.com/IJHack/QtPass/issues/338 | Exploit Third Party Advisory |
https://github.com/IJHack/QtPass/releases/tag/v1.2.1 | Release Notes Third Party Advisory |
https://lists.zx2c4.com/pipermail/password-store/2018-January/003165.html | Patch Third Party Advisory |
https://qtpass.org/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:23:14
Updated: 2022-10-03T16:23:14
Reserved: 2022-10-03T00:00:00
Link: CVE-2017-18021
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-01-05T19:29:00.217
Modified: 2018-01-18T22:32:19.567
Link: CVE-2017-18021
JSON object: View
Redhat Information
No data.
CWE