The SRP-6a implementation in Kee Vault KeePassRPC prior to 1.12.0 generates insufficiently random numbers, which allows remote malicious users to read and modify data in the KeePass database via a WebSocket connection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kee keepassrpc |