GHSA-3F99-HVG4-QJWJ Insecure random number generation in keypair

Description and Impact A bug in the pseudo-random number generator used by keypair versions up to and including 1.0.3 could allow for weak RSA key generation. This could enable an attacker to decrypt confidential messages or gain authorized access to an account belonging to the victim. We recomme...

7ghost (>=4.11.0 <=4.11.46), @heroku-cli/plugin-java (>=3.0.0 <=3.1.1) +55 more potentially affected by CVE-2021-41117 via keypair (>=0.0.5 <=1.0.3)

keypair NPM version =0.0.5, =4.11.0, =3.0.0, =2.3.1, =3.41.6, =1.0.1, =1.0.0, =0.1.2, =0.2.1, =0.4.0, =0.1.2, =0.1.2, =0.1.11 and more Source cves: CVE-2021-41117 Source advisory: OSV:GHSA-3F99-HVG4-QJWJ...