Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Safari app extension bundled with 1Password for Mac 7.7.0 through 7.8.x before 7.8.7 is vulnerable to authorization bypass. By targeting a vulnerable component of this extension, a malicious web page could read a subset of 1Password vault items that would normally be fillable by the user on that web page. These items are usernames and passwords for vault items associated with its domain, usernames and passwords without a domain association, credit cards, and contact items. (1Password must be unlocked for these items to be accessible, but no further user interaction is required.)
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple Safari 安全漏洞
Vulnerability Description
Apple Safari是美国苹果(Apple)公司的一款Web浏览器,是Mac OS X和iOS操作系统附带的默认浏览器。 Apple Safari 扩展组件 1Password存在安全漏洞,该漏洞源于软件中的授权容易被绕过,通过将此扩展的组件作为目标,恶意网页可以读取1Password vault项目的子集,通常是由用户在那个网页上填写。这些项是与其域相关联的用户名和密码。
CVSS Information
N/A
Vulnerability Type
N/A