Signing back into the Community for the first time? You'll need to reset your password to access your account. Find out more.
Forum Discussion
Secuvera findings
Hi there,
will you improve the security of your product after the secuvera‘s findings?
Yes, secrets need to be accessible to the processor, but findings say, the secrets of 1P stay there e...
Hello 1Password Team,
today I came across a report by secuvera which highlights a vulnerability in 1Password, classified as CWE-316. According to their findings, certain sensitive information, such as the SecretID, remains in memory even after the application is closed, which could potentially expose this data to unauthorized access.
Could you please provide more details on how 1Password classifies this vulnerability? Is there any ongoing work to address this issue, or are there recommended steps we as users can take to mitigate this risk on our systems?
Best regards,
miggl8
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
