{"id":"CVE-2023-24069","details":"Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker can still recover the file if it was previously replied to in a conversation. (Local filesystem access is needed by the attacker.) NOTE: the vendor disputes the relevance of this finding because the product is not intended to protect against adversaries with this degree of local access.","modified":"2026-04-10T04:55:46.183131Z","published":"2023-01-23T07:15:11.137Z","references":[{"type":"ADVISORY","url":"https://signal.org/download/linux"},{"type":"ADVISORY","url":"https://signal.org/download/macos"},{"type":"ADVISORY","url":"https://signal.org/en/download/windows"},{"type":"EVIDENCE","url":"https://johnjhacking.com/blog/cve-2023-24068-cve-2023-24069/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/signalapp/signal-desktop","events":[{"introduced":"0"},{"last_affected":"3e24e23451e06dc6c554860f78009e87311d47fd"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"6.2.0"}]}}],"versions":["c53","v0.1.11","v0.1.12","v0.10.0","v0.11.0","v0.11.1","v0.12.0","v0.12.3","v0.12.4","v0.12.5","v0.13.0","v0.14.0","v0.15.0","v0.16.0","v0.16.1","v0.17.0","v0.17.1","v0.18.0","v0.19.0","v0.2.0","v0.2.1","v0.2.2","v0.20.0","v0.21.0","v0.22.0","v0.22.1","v0.22.2","v0.23.0","v0.23.1","v0.23.2","v0.24.1","v0.25.0","v0.25.1","v0.25.2","v0.25.3","v0.25.4","v0.26.0","v0.27.0","v0.28.0","v0.29.0","v0.3.0","v0.3.1","v0.30.0","v0.31.0","v0.32.0","v0.33.0","v0.34.0","v0.35.0","v0.36.0","v0.36.1","v0.37.0","v0.38.0","v0.38.1","v0.38.2","v0.39.0","v0.39.1","v0.4.0","v0.40.0","v0.41.0","v0.41.1","v0.41.2","v0.41.3","v0.42.0","v0.42.1","v0.42.2","v0.42.3","v0.42.4","v0.42.5","v0.42.6","v0.42.7","v0.43.0","v0.43.1","v0.43.3","v0.43.4","v0.5.0","v0.5.1","v0.5.2","v0.6.0","v0.7.0","v0.8.0","v0.9.0","v1.0.25","v1.0.26","v1.0.27","v1.0.29","v1.0.30","v1.0.31","v1.0.32","v1.0.33","v1.0.34","v1.0.35","v1.0.36","v1.0.37","v1.0.38","v1.0.39","v1.0.40","v1.0.41","v1.1.0","v1.10.0-beta.1","v1.11.0-beta.1","v1.11.0-beta.2","v1.11.0-beta.3","v1.11.0-beta.5","v1.12.0-beta.1","v1.12.0-beta.2","v1.13.0-beta.1","v1.13.0-beta.2","v1.14.0-beta.1","v1.14.0-beta.2","v1.14.0-beta.3","v1.14.1-beta.1","v1.15.0-beta.1","v1.15.0-beta.10","v1.15.0-beta.2","v1.15.0-beta.3","v1.15.0-beta.4","v1.15.0-beta.5","v1.15.0-beta.6","v1.15.0-beta.7","v1.15.0-beta.8","v1.15.0-beta.9","v1.15.1-beta.1","v1.15.2-beta.1","v1.15.3-beta.1","v1.15.4-beta.1","v1.16.0-beta.1","v1.16.1-beta.1","v1.16.1-beta.2","v1.16.2-beta.2","v1.17.0-beta.1","v1.17.0-beta.2","v1.17.0-beta.3","v1.17.0-beta.4","v1.17.1-beta.1","v1.17.2-beta.1","v1.18.0-beta.3","v1.18.0-beta.4","v1.18.0-beta.5","v1.18.0-beta.6","v1.18.0-beta.7","v1.19.0-beta.2","v1.19.0-beta.3","v1.19.0-beta.4","v1.2.0-beta.1","v1.2.0-beta.2","v1.20.0-beta.3","v1.21.0-beta.3","v1.21.0-beta.4","v1.21.1-beta.1","v1.21.2-beta.1","v1.22.0-beta.1","v1.22.0-beta.2","v1.23.0-beta.1","v1.23.0-beta.2","v1.23.0-beta.3","v1.23.0-beta.4","v1.23.1-beta.1","v1.23.2-beta.1","v1.24.0-beta.1","v1.24.0-beta.2","v1.24.0-beta.3","v1.24.0-beta.4","v1.24.1-beta.1","v1.25.0-beta.1","v1.25.0-beta.3","v1.25.0-beta.4","v1.25.0-beta.5","v1.25.0-beta.6","v1.25.1-beta.1","v1.25.2-beta.1","v1.25.2-beta.2","v1.25.2-beta.3","v1.25.2-beta.4","v1.25.3-beta.1","v1.26.0-beta.3","v1.26.0-beta.4","v1.26.1-beta.1","v1.26.2-beta.1","v1.27.1-beta.6","v1.27.1-beta.7","v1.27.1-beta.8","v1.27.1-beta.9","v1.27.2-beta.1","v1.27.3-beta.1","v1.27.3-beta.2","v1.28.0-beta.1","v1.28.0-beta.2","v1.28.0-beta.3","v1.28.0-beta.4","v1.28.0-beta.5","v1.28.0-beta.6","v1.29.0-beta.1","v1.29.0-beta.2","v1.29.0-beta.3","v1.29.0-beta.4","v1.29.0-beta.5","v1.29.1-beta.1","v1.3.0-beta.1","v1.30.0-beta.1","v1.30.0-beta.2","v1.30.0-beta.3","v1.30.0-beta.4","v1.30.0-beta.5","v1.30.0-beta.6","v1.30.0-beta.7","v1.31.0-beta.1","v1.31.0-beta.2","v1.32.0-beta.1","v1.32.0-beta.2","v1.32.0-beta.3","v1.32.0-beta.4","v1.32.0-beta.5","v1.32.0-beta.6","v1.32.1-beta.1","v1.33.0-beta.3","v1.33.0-beta.4","v1.33.0-beta.5","v1.34.0-beta.1","v1.34.0-beta.2","v1.34.0-beta.3","v1.34.2-beta.1","v1.34.3-beta.1","v1.34.4-beta.1","v1.34.5-beta.1","v1.35.1-beta.1","v1.35.1-beta.2","v1.35.1-beta.3","v1.36.1-beta.1","v1.36.1-beta.2","v1.36.1-beta.3","v1.36.2-beta.1","v1.36.2-beta.2","v1.36.3-beta.1","v1.36.3-beta.2","v1.37.1-beta.1","v1.37.1-beta.2","v1.37.2-beta.1","v1.37.3-beta.1","v1.38.1-beta.1","v1.38.1-beta.2","v1.38.1-beta.3","v1.39.2-beta.1","v1.39.2-beta.2","v1.39.2-beta.3","v1.39.2-beta.4","v1.39.3-beta.1","v1.39.4-beta.1","v1.39.5-beta.1","v1.39.6-beta.1","v1.4.0-beta.1","v1.40.0-beta.3","v1.40.0-beta.4","v1.40.0-beta.5","v1.40.0-beta.6","v1.40.0-beta.7","v1.40.0-beta.8","v1.40.1-beta.1","v1.5.0-beta.1","v1.6.0-beta.1","v1.6.0-beta.2","v1.7.0-beta.1","v1.7.0-beta.2","v1.7.0-beta.3","v1.8.0-beta.1","v1.9.0-beta.1","v5.0.0-beta.0","v5.0.0-beta.1","v5.0.0-beta.2","v5.1.0-beta.5","v5.10.0-beta.1","v5.11.0-beta.1","v5.12.0-beta.1","v5.12.2","v5.13.0-beta.1","v5.14.0-beta.1","v5.15.0-beta.1","v5.16.0-beta.1","v5.17.0-beta.1","v5.18.0-beta.1","v5.19.0-beta.1","v5.2.0-beta.1","v5.20.0-beta.1","v5.21.0-beta.1","v5.22.0-beta.1","v5.23.0-beta.1","v5.24.0-beta.1","v5.25.0-beta.1","v5.26.0-beta.1","v5.27.0-beta.1","v5.28.0-beta.1","v5.29.0-beta.1","v5.3.0-beta.1","v5.30.0-beta.1","v5.31.0-beta.1","v5.32.0-beta.1","v5.33.0-beta.1","v5.34.0-beta.1","v5.35.0-beta.1","v5.36.0-beta.1","v5.37.0-beta.1","v5.38.0-beta.1","v5.39.0-beta.1","v5.4.0-beta.2","v5.40.0-beta.1","v5.41.0-beta.1","v5.42.0-beta.1","v5.43.0-beta.1","v5.44.0-beta.1","v5.45.0-beta.1","v5.46.0-beta.1","v5.47.0-beta.1","v5.48.0-beta.1","v5.49.0-beta.1","v5.5.0-beta.1","v5.50.0-beta.1","v5.51.0-beta.1","v5.52.0-beta.1","v5.53.0-beta.1","v5.54.0-beta.1","v5.55.0-beta.1","v5.56.0-beta.1","v5.57.0-beta.1","v5.58.0-beta.1","v5.59.0-beta.1","v5.6.0-beta.1","v5.60.0-beta.1","v5.61.0-beta.1","v5.62.0-beta.1","v5.63.0-beta.1","v5.7.0-beta.1","v5.8.0-beta.1","v5.9.0-beta.1","v6.0.0-beta.1","v6.1.0-beta.1","v6.2.0","v6.2.0-beta.1","v6.2.0-beta.2","v6.2.0-beta.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-24069.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}]}