6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
46.0%
An issue was discovered in the bsock component of bcoin-org bcoin that allows remote attackers to obtain sensitive information via weak hashing algorithms in the component \vendor\faye-websocket.js.
\vendor\faye-websocket.js
github.com/bcoin-org/bcoin
github.com/bcoin-org/bcoin/blob/master/node_modules/bsock/package.json
github.com/bcoin-org/bcoin/issues/1174
github.com/bcoin-org/bsock/blob/master/package.json
github.com/tianjk99/Cryptographic-Misuses/blob/main/CVE-2023-50475.md
nvd.nist.gov/vuln/detail/CVE-2023-50475