Valbrux

**Name of the Vulnerable Software and Affected Versions** 1Password application version 6.8 for Android **Description** The issue allows an external application to crash the 1Password instance by starting certain activities. Specifically, this can be done by starting the activity `com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity` or `com.agilebits.onepassword.filling.openyolo.OpenYoloRetrieveActivity`, as they are exported. **Recommendations** For 1Password application version 6.8 for Android, consider restricting access to the `com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity` and `com.agilebits.onepassword.filling.openyolo.OpenYoloRetrieveActivity` activities to prevent external applications from crashing the 1Password instance. At the moment, there is no information about a newer version that contains a fix for this vulnerability.