Shadowsocksx Ng
1 CVEs
product
Monthly
ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Code Injection
Apple
Shadowsocksx Ng
NVD
GitHub
CVSS 3.1
9.8
EPSS
0.4%
EPSS 0%
CVSS 9.8
CRITICAL
PATCH
Act Now
ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Code Injection
Apple
Shadowsocksx Ng
NVD
GitHub