ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HShadowsocks Shadowsocksx Ng
APPShadowsocks1.10.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Powiązane podatności
CVE-2019-5152HIGH7.4ten sam vendor
An exploitable information disclosure vulnerability exists in the network packet handling functionality of Sha...
CVE-2019-5163HIGH7.5ten sam vendor
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2...
CVE-2019-5164HIGH7.8ten sam vendor
An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specia...
CVE-2017-15924HIGH7.8ten sam vendor
In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell met...