An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N1password
APP1Password7.0 – 7.9.3 (bez)7.0 – 7.9.5 (bez)7.0 – 7.9.6 (bez)7.0 – 7.9.829 (bez)8.0 – 8.7.1 (bez)8.0 – 8.8.0-94 (bez)8.0 – 8.8.0-104 (bez)1password In The Browser
APP1Password< 2.3.41password Command Line
APP1Password2.0.0 – 2.3.0 (bez)1password Command Line Interface
APP1Password1.0.0 – 1.12.5 (bez)1password Connect
APP1Password< 1.5.31password Scim Bridge
APP1Password< 2.3.2
Powiązane podatności
An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta version...
1Password 8 before 8.10.36 for macOS allows local attackers to exfiltrate vault items because XPC inter-proces...
A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary code...
1Password 8 before 8.10.38 for macOS allows local attackers to exfiltrate vault items by bypassing macOS-speci...
1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious sof...