4 matches found
blinksocks-desktop (>=0.0.1 <=0.1.3), blinksocks-gui (>=0.1.0 <=0.2.1) potentially affected by CVE-2023-50481 via blinksocks (>=2.9.0 <=3.3.8)
blinksocks NPM version =2.9.0, =0.0.1, =0.1.0, =0.2.1 Source cves: CVE-2023-50481 Source advisory: OSV:GHSA-PQJ5-37XF-X5GC...
CVE-2023-50481
creationtimestamp| type| source ---|---|--- 2023-12-21 12:24:06+00:00| seen| https://t.me/ctinow/157649 2024-01-14 10:11:42+00:00| seen| https://t.me/ctinow/167986...
CVE-2023-50481
An issue was discovered in blinksocks version 3.3.8, allows remote attackers to obtain sensitive information via weak encryption algorithms in the component /presets/ssr-auth-chain.js...
CVE-2023-50481
CVE-2023-50481 affects blinksocks 3.3.8. The vulnerability is in the component /presets/ssr-auth-chain.js, due to the use of weak encryption algorithms (and fixed IVs) that can disclose sensitive information. Impact is described as sensitive information disclosure; no exploit details are provided...