CVE-2020-10256 vulnerability in 1password Products
Published on October 27, 2020

An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user's encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption.

NVD

Products Associated with CVE-2020-10256

Want to know whenever a new CVE is published for 1password products? stack.watch will email you.

1password Command Line

1password Scim

1password Command Line Interface

Exploit Probability

EPSS

0.26%

Percentile

49.87%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-10256 vulnerability in 1password ProductsPublished on October 27, 2020

Products Associated with CVE-2020-10256

Exploit Probability

CVE-2020-10256 vulnerability in 1password Products
Published on October 27, 2020