CVE-2018-13042

The 1Password application 6.8 for Android is affected by a Denial Of Service vulnerability. By starting the activity com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity or com.agilebits.onepassword.filling.openyolo.OpenYoloRetrieveActivity from an external application (since they are exported), it is possible to crash the 1Password instance.
Configurations

Configuration 1 (hide)

cpe:2.3:a:1password:1password:6.8:*:*:*:*:android:*:*

History

21 Nov 2024, 03:46

Type Values Removed Values Added
References () https://app-updates.agilebits.com/product_history/OPA4 - Vendor Advisory () https://app-updates.agilebits.com/product_history/OPA4 - Vendor Advisory
References () https://www.exploit-db.com/exploits/46165/ - Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/46165/ - Third Party Advisory, VDB Entry
References () https://www.valbrux.it/blog/2019/01/22/cve-2018-13042-1password-android-7-0-denial-of-service/ - () https://www.valbrux.it/blog/2019/01/22/cve-2018-13042-1password-android-7-0-denial-of-service/ -

Information

Published : 2018-10-05 21:29

Updated : 2024-11-21 03:46


NVD link : CVE-2018-13042

Mitre link : CVE-2018-13042

CVE.ORG link : CVE-2018-13042


JSON object : View

Products Affected

1password

  • 1password
CWE
CWE-20

Improper Input Validation