Vulnerability Details CVE-2024-42219
1Password 8 before 8.10.36 for macOS allows local attackers to exfiltrate vault items because XPC inter-process communication validation is insufficient.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.5%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2024-42219
-
cpe:2.3:a:1password:1password:8.10.0
-
cpe:2.3:a:1password:1password:8.10.1
-
cpe:2.3:a:1password:1password:8.10.12
-
cpe:2.3:a:1password:1password:8.10.13
-
cpe:2.3:a:1password:1password:8.10.15
-
cpe:2.3:a:1password:1password:8.10.16
-
cpe:2.3:a:1password:1password:8.10.18
-
cpe:2.3:a:1password:1password:8.10.20
-
cpe:2.3:a:1password:1password:8.10.22
-
cpe:2.3:a:1password:1password:8.10.23
-
cpe:2.3:a:1password:1password:8.10.24
-
cpe:2.3:a:1password:1password:8.10.26
-
cpe:2.3:a:1password:1password:8.10.27
-
cpe:2.3:a:1password:1password:8.10.28
-
cpe:2.3:a:1password:1password:8.10.3
-
cpe:2.3:a:1password:1password:8.10.30
-
cpe:2.3:a:1password:1password:8.10.32
-
cpe:2.3:a:1password:1password:8.10.33
-
cpe:2.3:a:1password:1password:8.10.34
-
cpe:2.3:a:1password:1password:8.10.4
-
cpe:2.3:a:1password:1password:8.10.6
-
cpe:2.3:a:1password:1password:8.10.7
-
cpe:2.3:a:1password:1password:8.10.8
-
cpe:2.3:a:1password:1password:8.10.9