← Back

CVE-2024-42218

nvd nist
Published: Aug 6, 2024Modified: Aug 12, 2024

JSON object

Loading...
4.7
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.0 / Impact: 3.6
Source: NVD

Description

1Password 8 before 8.10.38 for macOS allows local attackers to exfiltrate vault items by bypassing macOS-specific security mechanisms.

Affected (1)

Products: 1password: 1password
1password
1 product
1password
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
1password
From 8.0 to 8.10.38

Related CWEs

CWE-1289
Improper Validation of Unsafe Equivalence in Input
The product receives an input value that is used as a resource identifier or other type of reference, but it does not validate or incorrectly validates that the input is equivalent to a potentially-unsafe value.

References (2)

Source: cve@mitre.org
Release Notes
Source: cve@mitre.org
Vendor Advisory

Timeline

No history available yet.