GHSA-6G33-F262-XJP4 Cryptographically Weak PRNG in randomatic

Affected versions of randomatic generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended. Recommendation Update to version 3.0.0 or later...

Cryptographically Weak PRNG in randomatic

Affected versions of randomatic generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended. Recommendation Update to version 3.0.0 or later...

@binsee/wx-voice (=0.3.0), @bitfirer/vue-qriously (=0.0.1) +151 more potentially affected by CVE-2017-16028 via randomatic (>=0.1.4 <=2.0.0)

randomatic NPM version =0.1.4, =0.0.1, =1.1.0, =0.4.0, =1.2.20, =8.0.30, =1.0.2, =0.1.0, =0.1.2 - @ngxvoice/ngx-voicelistner =1.0.0 - @pushrocks/smartdata =3.1.2 and more Source cves: CVE-2017-16028 Source advisory: OSV:GHSA-6G33-F262-XJP4...

Cryptographically Insecure Token Generation

react-native-meteor-oauth generates insecure tokens. These tokens are insecure because they are generated using the randomatic package which is not cryptographically secure. This makes it easier for attackers to brute force tokens...

Cryptographically Weak PRNG

Overview Affected versions of randomatic generate random values using a cryptographically weak psuedo-random number generator. This may result in predictable values instead of random values as intended. Recommendation Update to version 3.0.0 or later. References - Commit 4a52695 - GitHub Advisory...