exploitDog

CVE-2023-50481

Опубликовано: 21 дек. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An issue was discovered in blinksocks version 3.3.8, allows remote attackers to obtain sensitive information via weak encryption algorithms in the component /presets/ssr-auth-chain.js.

Ссылки

https://github.com/blinksocks/blinksocks/issues/108
Issue Tracking
https://github.com/tianjk99/Cryptographic-Misuses/blob/main/CVE-2023-50481.md
Third Party Advisory
https://github.com/blinksocks/blinksocks/issues/108
Issue Tracking
https://github.com/tianjk99/Cryptographic-Misuses/blob/main/CVE-2023-50481.md
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:blinksocks:blinksocks:3.3.8:*:*:*:*:*:*:*

EPSS

Процентиль: 29%

0.00105

Низкий

7.5 High

CVSS3

Дефекты

CWE-327

Связанные уязвимости

GHSA-pqj5-37xf-x5gc

github

около 2 лет назад

blinksocks has weak encryption algorithms

EPSS

Процентиль: 29%

0.00105

Низкий

7.5 High

CVSS3

Дефекты

CWE-327