CVE-2024-41708

CVE-2024-41708 — Ada Web Server (AdaCore ada_web_services 20.0) is affected by a cryptographic PRNG issue. The Fedora/OpenVAS/Nessus advisories describe that AWS.Utils.Random and AWS.Utils.Random_String relied on Ada.Numerics.Discrete_Random, which is not cryptographically secure, and that Random...

CVE-2024-41708

An issue was discovered in AdaCore adawebservices 20.0 allows an attacker to escalate privileges and steal sessions via the RandomString function in the src/core/aws-utils.adb module...