CVE-2020-37178

KeePass 2.44 - Denial of Service (PoC)

CVSS 4.6 MEDIUMEPSS 0.3%CWE-94

KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected products

Keepass · KeePass Password Safe

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://keepass.info/https://www.exploit-db.com/exploits/47952 https://www.vulncheck.com/advisories/keepass-denial-of-service-poc