Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities found for command_line_interface by 1password
FKIE_CVE-2022-32550
Vulnerability from fkie_nvd - Published: 2022-06-15 19:15 - Updated: 2024-11-21 07:06
Severity ?
Summary
An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://support.1password.com/kb/202206/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.1password.com/kb/202206/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| 1password | 1password | * | |
| 1password | 1password | * | |
| 1password | 1password | * | |
| 1password | 1password | * | |
| 1password | 1password | * | |
| 1password | 1password | * | |
| 1password | 1password | * | |
| 1password | 1password | * | |
| 1password | 1password | * | |
| 1password | 1password_in_the_browser | * | |
| 1password | command-line | * | |
| 1password | command_line_interface | * | |
| 1password | connect | * | |
| 1password | scim_bridge | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:1password:1password:*:*:*:*:*:android:*:*",
"matchCriteriaId": "F9FE84D9-EF01-45B9-910A-5090D72AF496",
"versionEndExcluding": "7.9.3",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:1password:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "9B919A7B-2244-4ACD-A7A9-2696958FE0DD",
"versionEndExcluding": "7.9.5",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:1password:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "34FCF50E-EFBB-4BDD-8EF1-E5E443216C37",
"versionEndExcluding": "7.9.6",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:1password:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "1A74D8CF-5A00-4747-BB56-4E233307A98A",
"versionEndExcluding": "7.9.829",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:1password:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "710035EA-D064-4241-9A31-D8E1D7D682FD",
"versionEndExcluding": "8.7.1",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:1password:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0A7105DF-D42D-4CF7-B02C-9DE38606B71B",
"versionEndExcluding": "8.7.1",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:1password:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "B4330E40-FC8E-49E1-924B-DF1AFCB78CF3",
"versionEndExcluding": "8.7.1",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:1password:*:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "06F0237A-23B0-48D3-824F-1793C9685CAC",
"versionEndExcluding": "8.8.0-94",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:1password:*:*:*:*:*:android:*:*",
"matchCriteriaId": "E2E43DCC-660E-4949-B671-F75844CA7995",
"versionEndExcluding": "8.8.0-104",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:1password_in_the_browser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2064373-9A1B-4941-B017-E1DBFCAA3806",
"versionEndExcluding": "2.3.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:command-line:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0084C97F-EF69-49AB-B6EA-338F33F75DB1",
"versionEndExcluding": "2.3.0",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:command_line_interface:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B75775-875C-447C-BF1B-AAFF02F6DB80",
"versionEndExcluding": "1.12.5",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:connect:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B87C658D-34C0-4210-8622-2A126F608B74",
"versionEndExcluding": "1.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:scim_bridge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE78D2-6FC6-4AC2-8A09-326150FB55F3",
"versionEndExcluding": "2.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service."
},
{
"lang": "es",
"value": "Se ha detectado un problema en AgileBits 1Password, que afecta al m\u00e9todo que usan varias aplicaciones e integraciones de 1Password para crear conexiones con el servicio de 1Password. En determinadas circunstancias, este problema permit\u00eda a un servidor malicioso convencer a una aplicaci\u00f3n o integraci\u00f3n de 1Password de que estaba comunic\u00e1ndose con el servicio de 1Password"
}
],
"id": "CVE-2022-32550",
"lastModified": "2024-11-21T07:06:36.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-15T19:15:11.933",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.1password.com/kb/202206/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.1password.com/kb/202206/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-10256
Vulnerability from fkie_nvd - Published: 2020-10-27 14:15 - Updated: 2024-11-21 04:55
Severity ?
Summary
An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user's encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://support.1password.com/command-line/ | Vendor Advisory | |
| cve@mitre.org | https://support.1password.com/kb/202010/ | Vendor Advisory | |
| cve@mitre.org | https://support.1password.com/scim/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.1password.com/command-line/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.1password.com/kb/202010/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.1password.com/scim/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| 1password | command_line_interface | * | |
| 1password | scim | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:1password:command_line_interface:*:*:*:*:*:*:*:*",
"matchCriteriaId": "484F47D7-8C0A-49C3-BA28-5C4360B5EAD9",
"versionEndExcluding": "0.5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:1password:scim:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56C5FD73-B4EC-492A-ACE3-D199644842A6",
"versionEndExcluding": "0.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user\u0027s encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en las versiones beta de la herramienta de l\u00ednea de comandos 1Password versiones anteriores a 0.5.5 y en las versiones beta de 1Password SCIM bridge anteriores a 0.7.3.\u0026#xa0;Se us\u00f3 un generador de n\u00fameros aleatorios no seguro para generar varias claves.\u0026#xa0;Un atacante con acceso a los datos cifrados del usuario puede ser capaz de llevar a cabo c\u00e1lculos de fuerza bruta de las claves de cifrado y, por lo tanto, tener \u00e9xito en el descifrado"
}
],
"id": "CVE-2020-10256",
"lastModified": "2024-11-21T04:55:04.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-27T14:15:13.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.1password.com/command-line/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.1password.com/kb/202010/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.1password.com/scim/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.1password.com/command-line/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.1password.com/kb/202010/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.1password.com/scim/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-32550 (GCVE-0-2022-32550)
Vulnerability from cvelistv5 – Published: 2022-06-15 18:01 – Updated: 2024-08-03 07:46
VLAI?
Summary
An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:43.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.1password.com/kb/202206/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T18:01:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.1password.com/kb/202206/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-32550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.1password.com/kb/202206/",
"refsource": "MISC",
"url": "https://support.1password.com/kb/202206/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-32550",
"datePublished": "2022-06-15T18:01:24.000Z",
"dateReserved": "2022-06-08T00:00:00.000Z",
"dateUpdated": "2024-08-03T07:46:43.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10256 (GCVE-0-2020-10256)
Vulnerability from cvelistv5 – Published: 2020-10-27 13:28 – Updated: 2024-08-04 10:58
VLAI?
Summary
An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user's encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:58:40.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.1password.com/command-line/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.1password.com/scim/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.1password.com/kb/202010/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user\u0027s encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-27T13:28:10.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.1password.com/command-line/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.1password.com/scim/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.1password.com/kb/202010/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user\u0027s encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.1password.com/command-line/",
"refsource": "MISC",
"url": "https://support.1password.com/command-line/"
},
{
"name": "https://support.1password.com/scim/",
"refsource": "MISC",
"url": "https://support.1password.com/scim/"
},
{
"name": "https://support.1password.com/kb/202010/",
"refsource": "CONFIRM",
"url": "https://support.1password.com/kb/202010/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10256",
"datePublished": "2020-10-27T13:28:10.000Z",
"dateReserved": "2020-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:58:40.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32550 (GCVE-0-2022-32550)
Vulnerability from nvd – Published: 2022-06-15 18:01 – Updated: 2024-08-03 07:46
VLAI?
Summary
An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:43.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.1password.com/kb/202206/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T18:01:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.1password.com/kb/202206/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-32550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.1password.com/kb/202206/",
"refsource": "MISC",
"url": "https://support.1password.com/kb/202206/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-32550",
"datePublished": "2022-06-15T18:01:24.000Z",
"dateReserved": "2022-06-08T00:00:00.000Z",
"dateUpdated": "2024-08-03T07:46:43.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-10256 (GCVE-0-2020-10256)
Vulnerability from nvd – Published: 2020-10-27 13:28 – Updated: 2024-08-04 10:58
VLAI?
Summary
An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user's encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:58:40.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.1password.com/command-line/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.1password.com/scim/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.1password.com/kb/202010/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user\u0027s encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-27T13:28:10.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.1password.com/command-line/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.1password.com/scim/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.1password.com/kb/202010/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user\u0027s encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.1password.com/command-line/",
"refsource": "MISC",
"url": "https://support.1password.com/command-line/"
},
{
"name": "https://support.1password.com/scim/",
"refsource": "MISC",
"url": "https://support.1password.com/scim/"
},
{
"name": "https://support.1password.com/kb/202010/",
"refsource": "CONFIRM",
"url": "https://support.1password.com/kb/202010/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-10256",
"datePublished": "2020-10-27T13:28:10.000Z",
"dateReserved": "2020-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:58:40.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}