Current Behavior: After KeePassXC’s 10-second timeout, the password is removed from the active clipboard (e.g., cannot be pasted via CTRL+V), but it remains in the clipboard history managed by Clipcat.
Expected Behavior: Once the timeout expires, the password should also be removed from clipboard history to prevent unintended access.
This behavior seems to me like a soft of security flaw (I'm unsure how clipboard history is stored in binary file). Passwords should not persist in clipboard history after KeePassXC clears it from the primary clipboard.
Environment:
Arch Linux
Clipcat Version: 0.21.0-1
KeePassXC: Flatpak
Current Behavior: After KeePassXC’s 10-second timeout, the password is removed from the active clipboard (e.g., cannot be pasted via CTRL+V), but it remains in the clipboard history managed by Clipcat.
Expected Behavior: Once the timeout expires, the password should also be removed from clipboard history to prevent unintended access.
This behavior seems to me like a soft of security flaw (I'm unsure how clipboard history is stored in binary file). Passwords should not persist in clipboard history after KeePassXC clears it from the primary clipboard.
Environment:
Arch Linux
Clipcat Version: 0.21.0-1
KeePassXC: Flatpak