CVE-2023-50475:

0.0 CVSS

Description

An issue was discovered in bcoin-org bcoin version 2.2.0, allows remote attackers to obtain sensitive information via weak hashing algorithms in the component \vendor\faye-websocket.js.

Classification

CVE ID: CVE-2023-50475

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.29% (probability of being exploited)

EPSS Percentile: 69.1% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://github.com/bcoin-org/bcoin/issues/1174
https://github.com/tianjk99/Cryptographic-Misuses/blob/main/CVE-2023-50475.md

Timeline

2024-11-27 14:41:44 UTC
CVE