Vulnerabilities > 1Password > Connect > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-15 CVE-2022-32550 Unspecified vulnerability in 1Password products
An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service.
network
high complexity
1password
4.8
2021-07-16 CVE-2021-36758 Incorrect Authorization vulnerability in 1Password Connect 1.0.1/1.1.0/1.1.1
1Password Connect server before 1.2 is missing validation checks, permitting users to create Secrets Automation access tokens that can be used to perform privilege escalation.
network
low complexity
1password CWE-863
5.5