GHSA-Q8FC-V85F-78PW stormpath/sdk uses Insecure Random Number Generator

The vulnerability pertains to the usage of an insecure random number generator RNG in the "stormpath-sdk-php" library. Specifically, the issue is present in the generation of UUID Universally Unique Identifier version 4 within the codebase...

PT-2024-40424 · Stormpath · Stormpath-Sdk-Php

Name of the Vulnerable Software and Affected Versions: stormpath-sdk-php affected versions not specified Description: The issue is related to the use of an insecure random number generator RNG in the generation of UUID version 4 within the codebase. Recommendations: At the moment, there is no...

browser-forms (>=0.0.1 <=0.0.2), express-stormpath (>=0.1.0 <=0.5.8) +4 more potentially affected by CVE-2021-23388 via forms (>=0.1.0 <=1.1.4)

forms NPM version =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =0.3.1, =0.0.1, =0.1.1 Source cves: CVE-2021-23388 Source advisory: OSV:GHSA-C56F-GRV3-GPFR...

com.github.microwww:mocker-redis-spring-boot-autoconfigure (>=0.0.1 <=3.0.0), com.github.microwww:mocker-redis-spring-boot-starter (>=0.0.1 <=3.0.2-2.8) +79 more potentially affected by CVE-2018-1196 via org.springframework.boot:spring-boot (=1.5.0.RELEASE)

org.springframework.boot:spring-boot MAVEN version =1.5.0.RELEASE is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.boot:spring-boot and may be impacted: - com.github.microwww:mocker-redis-spring-boot-autoconfigure =0.0.1, =0.0.1,...