CVE-2023-4863 and 1Password 7
I see CVE-2023-4863 has been addressed in 1Password desktop 8.10.15 and later: https://support.1password.com/kb/202309/
Does CVE-2023-4863 impact 1Password desktop 7.x and, if so, has it been fixed, and in what specific 7.x version?
Also, I don't see any clear statements about iOS versions of 1Password 7 or 8. Are either impacted by CVE-2023-4863 and, if so, what versions contain fixes?
Thanks.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
Comments
-
I see that a link has been placed above my question, pointing to a generic statement about support for previous versions. Are you trying to say that 1Password desktop 7.x is no longer receiving security updates?
https://support.1password.com/system-requirements/ still lists 1Password 7.x.
Please clarify if 1Password 7.x is, or is not, receiving security updates going forward. Thanks.
0 -
Hello @machale! 👋
Thank you for the question. This would be the relevant portion from the security advisory:
Anyone using 1Password 8 for Mac, Windows, or Linux prior to version 8.10.15 is affected by this issue. The issue does not affect 1Password for iOS or Android, nor earlier versions of 1Password.
1Password 7 is no longer supported and will only receive important security updates. Let me know if you have any other questions.
-Dave
0 -
The issue does not affect 1Password for iOS or Android, nor earlier versions of 1Password.
🤦 D'oh! I can't believe I missed that. But thanks for the statement about v7 receiving, "important security updates." Much appreciated.
0 -
I'm happy to help. 🙂
-Dave
0
