Chilkat 安全漏洞

Chilkat is a cross-language, cross-platform API from Chilkat, Inc. A security vulnerability exists in Chilkat versions prior to v9.5.0.98. An attacker exploited the vulnerability to obtain sensitive information via a predictable PRNG in the ChilkatRand::randomBytes function...

MAL-2022-5583 Malicious code in randombytse (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 763e62628bb512a664eec0ead1b4cbf435c6d0f35c4105bcf22e6dcca11c6563 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

GHSA-H5VJ-F7R9-W564 Entropy Backdoor in text-qrcode

All versions of text-qrcode contain malicious code that overwrites the randomBytes method for the crypto module with a function that generates weak entropy. Instead of generating 32 bytes, the infected randomBytes will generate 3 bytes of entropy and hash them, resulting in a 32 byte value being...

Entropy Backdoor in text-qrcode

All versions of text-qrcode contain malicious code that overwrites the randomBytes method for the crypto module with a function that generates weak entropy. Instead of generating 32 bytes, the infected randomBytes will generate 3 bytes of entropy and hash them, resulting in a 32 byte value being...

Malicious Package

text-qrcode package contains malicious code. The randomBytes method is overwritten with a function that generates a weak entropy of 3 bytes and subsequently hashed, which would allow an attacker to guess the random value in a short amount of time...

Entropy Backdoor

Overview All versions of text-qrcode contain malicious code that overwrites the randomBytes method for the crypto module with a function that generates weak entropy. Instead of generating 32 bytes, the infected randomBytes will generate 3 bytes of entropy and hash them, resulting in a 32 byte val...