Common Weakness Enumeration

CWE-338

Allowed

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Abstraction: Base · Status: Draft

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

295 vulnerabilities reference this CWE, most recent first.

GHSA-44R7-7P62-Q3FR

Vulnerability from github – Published: 2021-05-18 21:09 – Updated: 2023-08-29 22:33
VLAI
Summary
miekg/dns insecurely generates random numbers
Details

The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/miekg/dns"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.1.25"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-19794"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330",
      "CWE-338"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-18T20:42:52Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.",
  "id": "GHSA-44r7-7p62-q3fr",
  "modified": "2023-08-29T22:33:25Z",
  "published": "2021-05-18T21:09:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19794"
    },
    {
      "type": "WEB",
      "url": "https://github.com/coredns/coredns/issues/3519"
    },
    {
      "type": "WEB",
      "url": "https://github.com/coredns/coredns/issues/3547"
    },
    {
      "type": "WEB",
      "url": "https://github.com/miekg/dns/issues/1037"
    },
    {
      "type": "WEB",
      "url": "https://github.com/miekg/dns/issues/1043"
    },
    {
      "type": "WEB",
      "url": "https://github.com/miekg/dns/pull/1044"
    },
    {
      "type": "WEB",
      "url": "https://github.com/miekg/dns/commit/8ebf2e419df7857ac8919baa05248789a8ffbf33"
    },
    {
      "type": "WEB",
      "url": "https://github.com/miekg/dns/compare/v1.1.24...v1.1.25"
    },
    {
      "type": "WEB",
      "url": "https://pkg.go.dev/vuln/GO-2020-0008"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "miekg/dns insecurely generates random numbers"
}

GHSA-462C-H7QR-CXM6

Vulnerability from github – Published: 2026-05-11 09:30 – Updated: 2026-05-11 18:31
VLAI
Details

WebDyne::Session versions through 2.075 for Perl generates the session id insecurely.

The session handler generates the session id from an MD5 hash seeded with a call to the built-in rand() function. The rand function is passed a maximum value based on the process id, the epoch time and the reference address of the object, but this information will have no effect on the overall quality of the seed of the message digest.

The rand function is seeded by 32-bits and is predictable. It is considered unsuitable for cryptographic purposes.

Predictable session ids could allow an attacker to gain access to systems.

Note that WebDyne::Session versions 1.042 and earlier appear to be in separate distributions from WebDyne.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-5084"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-11T08:16:16Z",
    "severity": "MODERATE"
  },
  "details": "WebDyne::Session versions through 2.075 for Perl generates the session id insecurely.\n\nThe session handler generates the session id from an MD5 hash seeded with a call to the built-in rand() function. The rand function is passed a maximum value based on the process id, the epoch time and the reference address of the object, but this information will have no effect on the overall quality of the seed of the message digest.\n\nThe rand function is seeded by 32-bits and is predictable. It is considered unsuitable for cryptographic purposes.\n\nPredictable session ids could allow an attacker to gain access to systems.\n\nNote that WebDyne::Session versions 1.042 and earlier appear to be in separate distributions from WebDyne.",
  "id": "GHSA-462c-h7qr-cxm6",
  "modified": "2026-05-11T18:31:43Z",
  "published": "2026-05-11T09:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5084"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/ASPEER/WebDyne-2.075/source/lib/WebDyne/Session.pm#L120"
    },
    {
      "type": "WEB",
      "url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
    },
    {
      "type": "WEB",
      "url": "https://webdyne.org"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/05/11/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-46F3-RC2X-P4JV

Vulnerability from github – Published: 2025-03-26 12:30 – Updated: 2025-03-26 21:31
VLAI
Details

DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes.

This vulnerability is associated with program files lib/DBIx/Class/EncodedColumn/Digest.pm.

This issue affects DBIx::Class::EncodedColumn until 0.00032.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-27551"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-331",
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-26T11:15:38Z",
    "severity": "MODERATE"
  },
  "details": "DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes.\n\nThis vulnerability is associated with program files lib/DBIx/Class/EncodedColumn/Digest.pm.\n\nThis issue affects DBIx::Class::EncodedColumn until 0.00032.",
  "id": "GHSA-46f3-rc2x-p4jv",
  "modified": "2025-03-26T21:31:06Z",
  "published": "2025-03-26T12:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27551"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/WREIS/DBIx-Class-EncodedColumn-0.00032/changes"
    },
    {
      "type": "WEB",
      "url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-496Q-8PH2-C4FJ

Vulnerability from github – Published: 2025-07-16 15:32 – Updated: 2025-11-05 00:31
VLAI
Details

Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely.

The cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.

According to RFC 2831, The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-40918"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-16T14:15:25Z",
    "severity": "MODERATE"
  },
  "details": "Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely.\n\nThe cnonce (client nonce) is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage.\n\nAccording to RFC 2831, The cnonce-value is an opaque quoted string value provided by the client and used by both client and server to avoid chosen plaintext attacks, and to provide mutual authentication. The security of the implementation\n depends on a good choice. It is RECOMMENDED that it contain at least 64 bits of entropy.",
  "id": "GHSA-496q-8ph2-c4fj",
  "modified": "2025-11-05T00:31:21Z",
  "published": "2025-07-16T15:32:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40918"
    },
    {
      "type": "WEB",
      "url": "https://github.com/gbarr/perl-authen-sasl/pull/22"
    },
    {
      "type": "WEB",
      "url": "https://datatracker.ietf.org/doc/html/rfc2831"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/dist/Authen-SASL/source/lib/Authen/SASL/Perl/DIGEST_MD5.pm#L263"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/EHUELS/Authen-SASL-2.1900/changes"
    },
    {
      "type": "WEB",
      "url": "https://security.metacpan.org/patches/A/Authen-SASL/2.1800/CVE-2025-40918-r1.patch"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/07/16/5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4C72-MRHF-23CG

Vulnerability from github – Published: 2022-05-14 02:52 – Updated: 2023-08-15 22:11
VLAI
Summary
Apache Syncope uses a weak PNRG
Details

Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.syncope:syncope"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.1.0"
            },
            {
              "fixed": "1.1.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2014-3503"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-08-15T22:11:49Z",
    "nvd_published_at": "2014-07-11T14:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.",
  "id": "GHSA-4c72-mrhf-23cg",
  "modified": "2023-08-15T22:11:49Z",
  "published": "2022-05-14T02:52:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3503"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/syncope/commit/8e0045925a387ee211832c7e0709dd418cda1ad3"
    },
    {
      "type": "WEB",
      "url": "https://syncope.apache.org/security.html#cve-2014-3503-insecure-random-implementations-used-to-generate-p"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20140728093808/http://www.securityfocus.com/bid/68431"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20201207014021/http://www.securityfocus.com/archive/1/532669/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/127375/Apache-Syncope-Insecure-Password-Generation.html"
    },
    {
      "type": "WEB",
      "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=r1596537"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Apache Syncope uses a weak PNRG"
}

GHSA-4G94-JFQP-P4F7

Vulnerability from github – Published: 2026-04-13 09:31 – Updated: 2026-04-13 18:30
VLAI
Details

Solstice::Session versions through 1440 for Perl generates session ids insecurely.

The _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand() function and the process id.

The same method is used in the _generateID method in Solstice::Subsession, which is part of the same distribution.

The epoch time may be guessed, if it is not leaked in the HTTP Date header. Stringified hash refences will contain predictable content. The built-in rand() function is seeded by 16-bits and is unsuitable for security purposes. The process id comes from a small set of numbers.

Predictable session ids could allow an attacker to gain access to systems.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-5085"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-13T07:16:50Z",
    "severity": "CRITICAL"
  },
  "details": "Solstice::Session versions through 1440 for Perl generates session ids insecurely.\n\nThe _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand() function and the process id.\n\nThe same method is used in the _generateID method in Solstice::Subsession, which is part of the same distribution.\n\nThe epoch time may be guessed, if it is not leaked in the HTTP Date header. Stringified hash refences will contain predictable content. The built-in rand() function is seeded by 16-bits and is unsuitable for security purposes. The process id comes from a small set of numbers.\n\nPredictable session ids could allow an attacker to gain access to systems.",
  "id": "GHSA-4g94-jfqp-p4f7",
  "modified": "2026-04-13T18:30:39Z",
  "published": "2026-04-13T09:31:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5085"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/dist/Solstice/source/lib/Solstice/Session.pm#L481"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/dist/Solstice/source/lib/Solstice/Subsession.pm#L105"
    },
    {
      "type": "WEB",
      "url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/04/13/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4XRG-5554-QFFR

Vulnerability from github – Published: 2022-05-01 23:28 – Updated: 2025-04-09 03:54
VLAI
Details

OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2008-0166"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-05-13T17:20:00Z",
    "severity": "HIGH"
  },
  "details": "OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.",
  "id": "GHSA-4xrg-5554-qffr",
  "modified": "2025-04-09T03:54:26Z",
  "published": "2022-05-01T23:28:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0166"
    },
    {
      "type": "WEB",
      "url": "https://16years.secvuln.info"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42375"
    },
    {
      "type": "WEB",
      "url": "https://news.ycombinator.com/item?id=40333169"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/5622"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/5632"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/5720"
    },
    {
      "type": "WEB",
      "url": "http://metasploit.com/users/hdm/tools/debian-openssl"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30136"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30220"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30221"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30231"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30239"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30249"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=48367252.7070603%40shemesh.biz\u0026forum_name=rsyncrypto-devel"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1571"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1576"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/925211"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/492112/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/29179"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020017"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-612-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-612-2"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-612-3"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-612-4"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-612-7"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-137A.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-54MG-VGRP-MWX9

Vulnerability from github – Published: 2019-05-14 04:01 – Updated: 2021-08-04 15:01
VLAI
Summary
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Ratpack
Details

Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK's ThreadLocalRandom. This means that if an attacker can determine a small window for the server start time and obtain a session ID value, they can theoretically determine the sequence of session IDs.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.ratpack:ratpack-session"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.6.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.ratpack:ratpack-java"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.6.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.ratpack:ratpack-groovy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.6.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-11808"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2019-05-14T03:48:09Z",
    "nvd_published_at": "2019-05-07T07:29:00Z",
    "severity": "LOW"
  },
  "details": "Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK\u0027s ThreadLocalRandom. This means that if an attacker can determine a small window for the server start time and obtain a session ID value, they can theoretically determine the sequence of session IDs.",
  "id": "GHSA-54mg-vgrp-mwx9",
  "modified": "2021-08-04T15:01:30Z",
  "published": "2019-05-14T04:01:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11808"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ratpack/ratpack/issues/1448"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ratpack/ratpack/commit/f2b63eb82dd71194319fd3945f5edf29b8f3a42d"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ratpack/ratpack/releases/tag/v1.6.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Ratpack"
}

GHSA-56QJ-X9H6-9389

Vulnerability from github – Published: 2023-10-19 21:30 – Updated: 2024-04-04 08:48
VLAI
Details

An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-27791"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-19T20:15:08Z",
    "severity": "HIGH"
  },
  "details": "An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG.",
  "id": "GHSA-56qj-x9h6-9389",
  "modified": "2024-04-04T08:48:57Z",
  "published": "2023-10-19T21:30:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27791"
    },
    {
      "type": "WEB",
      "url": "https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-59J9-QV68-3XX5

Vulnerability from github – Published: 2022-04-23 00:40 – Updated: 2024-04-03 23:49
VLAI
Details

A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes (and is advertised as being unsuitable)."

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2012-6124"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-10-31T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states \"This function wasn\u0027t used for security purposes (and is advertised as being unsuitable).\"",
  "id": "GHSA-59j9-qv68-3xx5",
  "modified": "2024-04-03T23:49:22Z",
  "published": "2022-04-23T00:40:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6124"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/cve-2012-6124"
    },
    {
      "type": "WEB",
      "url": "https://lists.nongnu.org/archive/html/chicken-hackers/2012-02/msg00084.html"
    },
    {
      "type": "WEB",
      "url": "https://security-tracker.debian.org/tracker/CVE-2012-6124"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2013/02/08/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Use functions or hardware which use a hardware-based random number generation for all crypto. This is the recommended solution. Use CyptGenRandom on Windows, or hw_rand() on Linux.

No CAPEC attack patterns related to this CWE.