High severity7.5NVD Advisory· Published Apr 27, 2017· Updated Jun 17, 2026
CVE-2017-8296
CVE-2017-8296
Description
kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the "password" command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:ked_password_manager_project:ked_password_manager:0.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ked_password_manager_project:ked_password_manager:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ked_password_manager_project:ked_password_manager:1.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
4- bugs.debian.org/cgi-bin/bugreport.cginvdIssue TrackingPatch
- sourceforge.net/p/kedpm/bugs/6/nvdIssue TrackingPatchThird Party Advisory
- openwall.com/lists/oss-security/2017/04/26/9nvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/201708-04nvd
News mentions
0No linked articles in our index yet.