5 matches found
EUVD-2024-0610
Malicious code in bioql PyPI...
Use of Insufficiently Random Values in github.com/greenpau/caddy-security
Versions of the package github.com/greenpau/caddy-security before 1.0.42 are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted via a brute-force search. Attackers could use the potentially predictable nonce value used for...
CVE-2024-21495
The CVE-2024-21495 entry concerns the Go package github.com/greenpau/caddy-security (versions before 1.0.42). Root cause: insecure randomness used in multiple contexts (OAuth nonce, MFA secrets, API key generation) due to an insecure RNG library, enabling potential replay or predictability attack...
CVE-2024-21495
Versions of the package github.com/greenpau/caddy-security before 1.0.42 are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted via a brute-force search. Attackers could use the potentially predictable nonce value used for...
CVE-2024-21495
Versions of the package github.com/greenpau/caddy-security before 1.0.42 are vulnerable to Insecure Randomness due to using an insecure random number generation library which could possibly be predicted via a brute-force search. Attackers could use the potentially predictable nonce value used for...