9 matches found
EUVD-2022-6780
Malicious code in bioql PyPI...
Fastly Compute@Edge JS Runtime has fixed random number seed during compilation
Impact Math.random and crypto.getRandomValues methods failed to use sufficiently random values. The initial value to seed the CSPRNG cryptographically secure pseudorandom number generator was baked-in to the final WebAssembly module meaning the sequence of numbers generated was predictable for th...
GHSA-CMR8-5W4C-44V8 Fastly Compute@Edge JS Runtime has fixed random number seed during compilation
Impact Math.random and crypto.getRandomValues methods failed to use sufficiently random values. The initial value to seed the CSPRNG cryptographically secure pseudorandom number generator was baked-in to the final WebAssembly module meaning the sequence of numbers generated was predictable for th...
CVE-2022-39218
The JS Compute Runtime for Fastly's Compute@Edge platform provides the environment JavaScript is executed in when using the Compute@Edge JavaScript SDK. In versions prior to 0.5.3, the Math.random and crypto.getRandomValues methods fail to use sufficiently random values. The initial value to seed...
Design/Logic Flaw
The JS Compute Runtime for Fastly's Compute@Edge platform provides the environment JavaScript is executed in when using the Compute@Edge JavaScript SDK. In versions prior to 0.5.3, the Math.random and crypto.getRandomValues methods fail to use sufficiently random values. The initial value to seed...
CVE-2022-39218 Random number seed fixed during compilation
The JS Compute Runtime for Fastly's Compute@Edge platform provides the environment JavaScript is executed in when using the Compute@Edge JavaScript SDK. In versions prior to 0.5.3, the Math.random and crypto.getRandomValues methods fail to use sufficiently random values. The initial value to seed...
CVE-2022-39218 Random number seed fixed during compilation
The JS Compute Runtime for Fastly's Compute@Edge platform provides the environment JavaScript is executed in when using the Compute@Edge JavaScript SDK. In versions prior to 0.5.3, the Math.random and crypto.getRandomValues methods fail to use sufficiently random values. The initial value to seed...
CVE-2022-39218
The CVE-2022-39218 vulnerability affects Fastly’s Compute@Edge JS Runtime. In versions before 0.5.3, Math.random and crypto.getRandomValues do not use sufficiently random values because the seed for the PRNG was baked into the final WebAssembly module, making the random sequence predictable for t...
CVE-2022-39218 Random number seed fixed during compilation
The JS Compute Runtime for Fastly's Compute@Edge platform provides the environment JavaScript is executed in when using the Compute@Edge JavaScript SDK. In versions prior to 0.5.3, the Math.random and crypto.getRandomValues methods fail to use sufficiently random values. The initial value to seed...