1Password for Mac 7.2.4 through 7.9.x before 7.9.3 is vulnerable to a process validation bypass. Malicious software running on the same computer can exfiltrate secrets from 1Password provided that 1Password is running and is unlocked. Affected secrets include vault items and derived values used for signing in to 1Password.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://support.1password.com/kb/202204/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-05-09T18:34:50
Updated: 2024-08-03T06:33:42.923Z
Reserved: 2022-04-27T00:00:00
Link: CVE-2022-29868
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-05-09T19:15:07.933
Modified: 2024-11-21T06:59:51.350
Link: CVE-2022-29868
Redhat
No data.