Read first: Previous version support information

CVE-2023-4863 and 1Password 7

machale
machale
Community Member
edited September 2023 in 1Password 3 – 7 for Mac

I see CVE-2023-4863 has been addressed in 1Password desktop 8.10.15 and later: https://support.1password.com/kb/202309/

Does CVE-2023-4863 impact 1Password desktop 7.x and, if so, has it been fixed, and in what specific 7.x version?

Also, I don't see any clear statements about iOS versions of 1Password 7 or 8. Are either impacted by CVE-2023-4863 and, if so, what versions contain fixes?

Thanks.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Comments

  • machale
    machale
    Community Member

    I see that a link has been placed above my question, pointing to a generic statement about support for previous versions. Are you trying to say that 1Password desktop 7.x is no longer receiving security updates?

    https://support.1password.com/system-requirements/ still lists 1Password 7.x.

    Please clarify if 1Password 7.x is, or is not, receiving security updates going forward. Thanks.

  • Dave_1P
    Dave_1P
    edited September 2023

    Hello @machale! 👋

    Thank you for the question. This would be the relevant portion from the security advisory:

    Anyone using 1Password 8 for Mac, Windows, or Linux prior to version 8.10.15 is affected by this issue. The issue does not affect 1Password for iOS or Android, nor earlier versions of 1Password.

    1Password 7 is no longer supported and will only receive important security updates. Let me know if you have any other questions.

    -Dave

  • machale
    machale
    Community Member

    The issue does not affect 1Password for iOS or Android, nor earlier versions of 1Password.

    🤦 D'oh! I can't believe I missed that. But thanks for the statement about v7 receiving, "important security updates." Much appreciated.

  • Dave_1P
    Dave_1P

    I'm happy to help. 🙂

    -Dave

This discussion has been closed.