Описание
1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious software running on the same computer can exfiltrate secrets from 1Password provided that 1Password is running and is unlocked. Affected secrets include vault items and derived values used for signing in to 1Password.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.2.4 (включая) до 7.9.3 (исключая)
cpe:2.3:a:1password:1password:*:*:*:*:*:macos:*:*
EPSS
Процентиль: 8%
0.00028
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-312
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious software running on the same computer can exfiltrate secrets from 1Password provided that 1Password is running and is unlocked. Affected secrets include vault items and derived values used for signing in to 1Password.
EPSS
Процентиль: 8%
0.00028
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-312