CNNVD-202507-3604 Information

CNNVD ID

CNNVD-202507-3604

Related CVE

CVE-2025-54422

• CNNVD Published: 2025-07-29

Description (Chinese)

Sandboxie是sandboxie-plus开源的一款基于沙盒的隔离软件。 Sandboxie 1.16.1及之前版本存在安全漏洞，该漏洞源于密码处理机制中明文传输凭据，可能导致凭据泄露。

Description (English)

Sandboxie is a sandbox-based segregation software. There is a security loophole in Sandboxie 1.16.1 and earlier versions, which stems from the explicit transmission documents in the password-processing mechanism, which may lead to their disclosure.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

sandboxie-plus

Published

2025-07-29

Last Modified

2026-02-24

References

https://github.com/sandboxie-plus/Sandboxie/commit/d107d5743880da28e782c1771b5246b2a512989a https://github.com/sandboxie-plus/Sandboxie/releases/tag/v1.16.2 https://github.com/sandboxie-plus/Sandboxie/security/advisories/GHSA-jp7r-vgv9-43p7

Patch

https://github.com/sandboxie-plus/Sandboxie/releases