GHSA-pqj5-37xf-x5gc

Suggest an improvement
Source
https://github.com/advisories/GHSA-pqj5-37xf-x5gc
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/12/GHSA-pqj5-37xf-x5gc/GHSA-pqj5-37xf-x5gc.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-pqj5-37xf-x5gc
Aliases
Published
2023-12-21T12:30:29Z
Modified
2023-12-21T18:28:09.707713Z
Summary
blinksocks has weak encryption algorithms
Details

An issue was discovered in blinksocks version 3.3.8, allows remote attackers to obtain sensitive information via weak encryption algorithms in the component /presets/ssr-auth-chain.js.

Database specific 
{
    "nvd_published_at": "2023-12-21T11:15:08Z",
    "cwe_ids": [],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2023-12-21T18:12:37Z"
}
References

Affected packages

npm / blinksocks

Package

Name
blinksocks
View open source insights on deps.dev
Purl
pkg:npm/blinksocks

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
3.3.8