CVE-2008-0299

CVE-2008-0299 concerns Paramiko up to version 1.7.1 where the code path using threads or forked processes fails to properly use a RandomPool, enabling session-level information disclosure by predicting the pool state. Affected component: Paramiko’s common.py; root cause: inadequate randomness han...