Lucene search
MitreCVE-2023-27574HistoryMar 03, 2023 - 10:15 p.m.
CVE-2023-27574
2023-03-0322:15:10
mitre
web.nvd.nist.gov
28
cve-2023-27574
shadowsocksx-ng
vulnerability
code signing
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.002
Percentile
59.7%
ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS.
Affected configurations
Node
shadowsocksshadowsocksx-ngMatch1.10.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| shadowsocks | shadowsocksx-ng | 1.10.0 | cpe:2.3:a:shadowsocks:shadowsocksx-ng:1.10.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-27574
2023-03-03 00:00:00
prion
prion
Code injection
2023-03-03 22:15:00
nvd
nvd
CVE-2023-27574
2023-03-03 22:15:10
osv
osv
CVE-2023-27574
2023-03-03 22:15:10
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.002
Percentile
59.7%
Related for CVE-2023-27574