read-passwd and other Lisp functions in Emacs 20 do not...
Moderate severity
Unreviewed
Published
Apr 30, 2022
to the GitHub Advisory Database
•
Updated Jan 30, 2023
Description
Published by the National Vulnerability Database
Apr 18, 2000
Published to the GitHub Advisory Database
Apr 30, 2022
Last updated
Jan 30, 2023
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.
References