12 matches found
Information Disclosure
passeo is vulnerable to information disclosure. The vulnerability exists due to the use of insecure random password generation library used in the generate function of init.py, allowing an attacker to guess the password...
GHSA-MHHF-VGWH-FW9H Passeo uses insecure random number generator
Impact Everyone below v1.0.5 is impacted by this flaw, of confidentiality being at risk due to the passwords being easily able to be guessed with Passeo's use of the random library. It is recommended to change any passwords made with Passeo before v1.0.5 and upgrade to v1.0.5, and v1.0.5 patches...
Passeo uses insecure random number generator
Impact Everyone below v1.0.5 is impacted by this flaw, of confidentiality being at risk due to the passwords being easily able to be guessed with Passeo's use of the random library. It is recommended to change any passwords made with Passeo before v1.0.5 and upgrade to v1.0.5, and v1.0.5 patches...
CVE-2022-23472
Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python random library for random value selection. The python random library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator...
PYSEC-2022-42997
Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python random library for random value selection. The python random library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator...
PYSEC-2022-42997
Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python random library for random value selection. The python random library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator...
Design/Logic Flaw
Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python random library for random value selection. The python random library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator...
CVE-2022-23472 Use of insecure random number generator in Passeo
Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python random library for random value selection. The python random library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator...
CVE-2022-23472
Passeo (open source Python password generator) before v1.0.5 uses the Python random module for value generation, which is non-cryptographically secure. This may allow a motivated attacker to guess generated passwords. The issue is addressed in v1.0.5; upgrade to that version. No public workaround...
CVE-2022-23472 Use of insecure random number generator in Passeo
Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python random library for random value selection. The python random library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator...
Passeo 安全特征问题漏洞
Passeo is a Python password generator by the individual developer Arjun Sharda. A security signature issue vulnerability exists in versions of Passeo prior to 1.0.5 that stems from a reliance on the python random library for random value selection, which relies on a non-cryptographically secure...
PT-2022-16013 · Python · Random +1
Name of the Vulnerable Software and Affected Versions: Passeo versions prior to 1.0.5 Description: Passeo is an open source python password generator that relies on the python random library for random value selection in versions prior to 1.0.5. The python random library is not suitable for...