CVE-2023-32784 (KeePass)

This vulnerability page says that it is a Linux vulnerability. This may be the case, but it is also a Windows vulnerability, and the description mentions files that are only present on Windows.

Despite having vulnerable software installed in my system, Rapid7 VM is not reporting on it.

This coverage has been picked up by our recurring vulnerability coverage for SUSE. This happens when they publish their own advisory. We do not have recurring coverage for KeePass, so this will not have been picked up by automation.

However, we are currently looking at adding specific coverage for this on Windows systems, and should have this coverage shipped over the next week or so. I will provide an update here when we ship this.

Just to provide an update, we shipped an authenticated check for this in the content release Sep 28.