logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2023-24069

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2023-24069

Description:
Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker can still recover the file if it was previously replied to in a conversation. (Local filesystem access is needed by the attacker.) NOTE: the vendor disputes the relevance of this finding because the product is not intended to protect against adversaries with this degree of local access.
Last updated date:
08/02/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
02/02/2023
Reference url to background

https://johnjhacking.com/blog/cve-2023-24068-cve-2023-24069/

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy