Vulnerabilities > CVE-2023-27574 - Unspecified vulnerability in Shadowsocks Shadowsocksx-Ng 1.10.0

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
shadowsocks
critical
NVD
Published: 2023-03-03
Updated: 2023-03-13

Summary

ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS.

Vulnerable Configurations

Part Description Count
Application
Shadowsocks
1

References