FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user’s passphrase to disk which may result in the compromise of secure communication or a users’s private key.
The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firegpg | Getfiregpg | * | * |