Количество 2
Количество 2
CVE-2023-43644
Sing-box is an open source proxy system. Affected versions are subject to an authentication bypass when specially crafted requests are sent to sing-box. This affects all SOCKS5 inbounds with user authentication and an attacker may be able to bypass authentication. Users are advised to update to sing-box 1.4.4 or to 1.5.0-rc.4. Users unable to update should not expose the SOCKS5 inbound to insecure environments.
GHSA-r5hm-mp3j-285g
sing-box vulnerable to improper authentication in the SOCKS inbound
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-43644 Sing-box is an open source proxy system. Affected versions are subject to an authentication bypass when specially crafted requests are sent to sing-box. This affects all SOCKS5 inbounds with user authentication and an attacker may be able to bypass authentication. Users are advised to update to sing-box 1.4.4 or to 1.5.0-rc.4. Users unable to update should not expose the SOCKS5 inbound to insecure environments. | CVSS3: 9.1 | 0% Низкий | больше 2 лет назад |
| GHSA-r5hm-mp3j-285g sing-box vulnerable to improper authentication in the SOCKS inbound | CVSS3: 9.1 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу