Issue in KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs.
[
{
"cpes": [
"cpe:2.3:a:keepassxc:keepassxc:2.7.7:*:*:*:*:*:*:*"
],
"vendor": "keepassxc",
"product": "keepassxc",
"versions": [
{
"status": "affected",
"version": "2.7.7"
}
],
"defaultStatus": "affected"
}
]