vulnerability
Ubuntu: (CVE-2017-18021): qtpass vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Jan 5, 2018 | Nov 19, 2024 | Aug 18, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Jan 5, 2018
Added
Nov 19, 2024
Modified
Aug 18, 2025
Description
It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI.
Solution
ubuntu-upgrade-qtpass
References
- CVE-2017-18021
- https://attackerkb.com/topics/CVE-2017-18021
- CWE-338
- URL-https://github.com/IJHack/QtPass/issues/338
- URL-https://github.com/IJHack/QtPass/releases/tag/v1.2.1
- URL-https://lists.zx2c4.com/pipermail/password-store/2018-January/003165.html
- URL-https://qtpass.org/
- URL-https://www.cve.org/CVERecord?id=CVE-2017-18021
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.