CVE-2021-34421

🗓️ 11 Nov 2021 22:58:37Reported by ZoomType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 49 Views

The Keybase Client for Android and iOS before version 5.8.0 fails to remove exploded messages, leading to potential disclosure of sensitive information

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of Keybase’s open-source key catalog for iOS and Android clients stems from incomplete cleanup of temporary or auxiliary resources. This allows attackers to expose protected information or cause service failures.	21 Oct 202200:00	–	bdu_fstec
Circl	CVE-2021-34421	12 Nov 202102:38	–	circl
CNNVD	Keybase 信息泄露漏洞	11 Nov 202100:00	–	cnnvd
CNVD	Keybase Information Disclosure Vulnerability	13 Nov 202100:00	–	cnvd
Cvelist	CVE-2021-34421 Retained exploded messages in Keybase Clients for Android and iOS	11 Nov 202122:58	–	cvelist
EUVD	EUVD-2021-21079	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in Zoom	15 Nov 202100:00	–	ncsc
NVD	CVE-2021-34421	11 Nov 202123:15	–	nvd
Prion	Design/Logic Flaw	11 Nov 202123:15	–	prion

NVD

Node

keybase keybaseMatch5.8.0android

keybase keybaseMatch5.8.0iphone_os

[
  {
    "product": "Keybase Client for Android",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "5.8.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Keybase Client for iOS",
    "vendor": "Zoom Video Communications Inc",
    "versions": [
      {
        "lessThan": "5.8.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
explore	www.explore.zoom.us/en/trust/security/security-bulletin

21 Nov 2024 06:10Current

4Medium risk

Vulners AI Score4

CVSS 3.13.7 - 4.3

CVSS 24.3

EPSS0.00356

CWE-459