CVE-2025-24783

UNSUPPORTED WHEN ASSIGNED Incorrect Usage of Seeds in Pseudo-Random Number Generator PRNG vulnerability in Apache Cocoon. This issue affects Apache Cocoon: all versions. When a continuation is created, it gets a random identifier. Because the random number generator used to generate these...

Incorrect Usage Of Seeds

org.apache.cocoon, cocoon-forms-impl is vulnerable to Incorrect Usage of Seeds . The vulnerability is due to predictability in the random number generation process, as the PRNG was seeded with the startup time, allowing attackers to guess continuation identifiers and access unauthorized...

GHSA-PFF9-53M5-QR56 Apache Cocoon vulnerable to Incorrect Usage of Seeds in Pseudo-Random Number Generator

Incorrect Usage of Seeds in Pseudo-Random Number Generator PRNG vulnerability in Apache Cocoon. This issue affects Apache Cocoon: all versions. When a continuation is created, it gets a random identifier. Because the random number generator used to generate these identifiers was seeded with the...

Apache Cocoon vulnerable to Incorrect Usage of Seeds in Pseudo-Random Number Generator

Incorrect Usage of Seeds in Pseudo-Random Number Generator PRNG vulnerability in Apache Cocoon. This issue affects Apache Cocoon: all versions. When a continuation is created, it gets a random identifier. Because the random number generator used to generate these identifiers was seeded with the...

CVE-2025-24783

UNSUPPORTED WHEN ASSIGNED Incorrect Usage of Seeds in Pseudo-Random Number Generator PRNG vulnerability in Apache Cocoon. This issue affects Apache Cocoon: all versions. When a continuation is created, it gets a random identifier. Because the random number generator used to generate these...

CVE-2025-24783 Apache Cocoon: continuations may not be private

UNSUPPORTED WHEN ASSIGNED Incorrect Usage of Seeds in Pseudo-Random Number Generator PRNG vulnerability in Apache Cocoon. This issue affects Apache Cocoon: all versions. When a continuation is created, it gets a random identifier. Because the random number generator used to generate these...

CVE-2025-24783

Apache Cocoon is affected by an Incorrect Usage of Seeds in the PRNG for continuation identifiers. The PRNG is seeded with startup time, making continuation IDs potentially predictable and enabling access to unauthorized continuations. The issue is stated to affect all versions of Apache Cocoon, ...

PT-2025-5567 · Apache · Apache Cocoon

Name of the Vulnerable Software and Affected Versions: Apache Cocoon versions all versions Description: The issue is related to the incorrect usage of seeds in the pseudo-random number generator PRNG in Apache Cocoon. When a continuation is created, it gets a random identifier. Because the random...

Apache Cocoon 安全漏洞

Apache Cocoon is a Web application framework built on the concept of component-based Web development from the Apache Foundation. A security vulnerability exists in Apache Cocoon that stems from the fact that Apache Cocoon uses a pseudo-random number generator PRNG when generating continuation...