An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. A mistake in error logging resulted in instances where sensitive data passed from Safari to 1Password could be logged locally on the user's machine. This data could include usernames and passwords that a user manually entered into Safari.
References
Link | Resource |
---|---|
https://app-updates.agilebits.com/product_history/OPM7#v70203009 | Release Notes Vendor Advisory |
https://discussions.agilebits.com/discussion/99429/the-security-content-of=-betas-7-2-3-beta-3-and-7-2-3-beta-4/p1?new=3D1 | Vendor Advisory |
https://support.1password.com/kb/201812/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-12-22T15:00:00
Updated: 2019-01-30T14:57:01
Reserved: 2018-12-05T00:00:00
Link: CVE-2018-19863
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-12-22T15:29:00.230
Modified: 2019-02-05T19:34:41.127
Link: CVE-2018-19863
JSON object: View
Redhat Information
No data.
CWE