CVSS: 5.8EPSS: 0%CPEs: 14EXPL: 0CVE-2022-32550
https://notcve.org/view.php?id=CVE-2022-32550
An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service. Se ha detectado un problema en AgileBits 1Password, que afecta al método que usan varias aplicaciones e integraciones de 1Password para crear conexiones con el servicio de 1Password. En determinadas circunstancias, este problema permitía a un servidor malicioso convencer a una aplicación o integración de 1Password de que estaba comunicándose con el servicio de 1Password • https://support.1password.com/kb/202206 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-19863
https://notcve.org/view.php?id=CVE-2018-19863
An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. A mistake in error logging resulted in instances where sensitive data passed from Safari to 1Password could be logged locally on the user's machine. This data could include usernames and passwords that a user manually entered into Safari. Se ha descubierto un problema en 1Password, en versiones 7.2.3.BETA anteriores a la 7.2.3.BETA-3 en macOS. Un error en el registro de errores resultó en instancias en las que los datos sensibles pasados desde Safari a 1Password podrían registrarse de forma local en la máquina del usuario. • https://app-updates.agilebits.com/product_history/OPM7#v70203009 https://discussions.agilebits.com/discussion/99429/the-security-content-of=-betas-7-2-3-beta-3-and-7-2-3-beta-4/p1?new=3D1 https://support.1password.com/kb/201812 • CWE-532: Insertion of Sensitive Information into Log File •