CVE-2020-37178
Denial of Service in KeePass Help System via Malicious HTML
Publication date: 2026-02-11
Last updated on: 2026-02-12
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| keepass | password_safe | to 2.44 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2020-37178 is a denial of service vulnerability in KeePass Password Safe versions before 2.44. It occurs due to improper handling of HTML content in the application's help system."}, {'type': 'paragraph', 'content': 'An attacker can exploit this vulnerability by dragging and dropping malicious HTML files into the help area of the application. This malicious HTML can contain embedded JavaScript payloads that cause the application to become unstable or crash.'}, {'type': 'paragraph', 'content': "The vulnerability is related to CWE-94, which involves improper control of code generation, allowing code injection through the help system's HTML handling."}] [1, 2]
How can this vulnerability impact me? :
This vulnerability can cause KeePass Password Safe to become unstable or crash, resulting in a denial of service condition.
In addition to denial of service, the vulnerability can potentially allow execution of arbitrary commands if ActiveX scripting is enabled, which could lead to remote code execution on Windows platforms.
- Loss of access to the password manager during a crash or instability.
- Potential execution of malicious code leading to further system compromise.
- Disruption of normal application behavior, impacting productivity and security.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is triggered locally by dragging and dropping malicious HTML files into the KeePass help system, causing application instability or crash.
Detection involves monitoring for unusual crashes or hangs of KeePass Password Safe versions prior to 2.44, especially when interacting with the help system.
Since the exploit requires user interaction and local access, network detection is limited.
No specific commands are provided in the resources to detect this vulnerability automatically.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation is to upgrade KeePass Password Safe to version 2.44 or later, where this vulnerability is fixed.
Avoid dragging and dropping untrusted or suspicious HTML files into the KeePass help system.
Limit user interaction with the help system or disable the help system if possible until the update is applied.
Ensure that ActiveX scripting is disabled or restricted on Windows systems to reduce risk of arbitrary code execution.