Skip to main content
kop48
August 10, 2024
Question

Beta build update for CVE-2024-42218?

  • August 10, 2024
  • 3 replies
  • 145 views

It doesn't look like a new Beta build was released for CVE-2024-42218. Can you confirm if the Beta audience has been left vulnerable, or whether it was silently patched in?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

3 replies

1P_Dave
1Password Employee
August 12, 2024

Hello @kop48! 👋

As long as you are on version 8.10.38 (August) or later, you have all available fixes.

You can follow this guide to find the version number of 1Password on your device. If you are not running version 8.10.38 or higher, you can learn how to keep 1Password updated here.

The team is looking into updating the release notes for the beta version to include mention of the relevant CVEs.

-Dave

kop48
kop48Author
August 12, 2024

Thanks for clarifying! My concern was more about the Beta audience being 0day'ed by the Production branch. Would be good to see simultaneous CVE disclosure across both branches. :)

1P_Dave
1Password Employee
August 15, 2024

Thanks again for the question. 🙂

-Dave