Lucene search
Veracode Vulnerability DatabaseVERACODE:28266HistoryDec 06, 2020 - 3:48 a.m.
Insecure Cryptography
2020-12-0603:48:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
0.001 Low
EPSS
Percentile
50.4%
rclone is vulnerable to insecure cryptography. The vulnerability exists due to the use of an insecure random number generator which produces insecure passwords with much less entropy than advertised.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rclone:bullseye | eq | 1.53.1-2 | |
| rclone:sid | eq | 1.53.1-2 | |
| rclone:bullseye | eq | 1.53.1-2 | |
| rclone:sid | eq | 1.53.1-2 |
Related
suse
suse
Security update for rclone (moderate)
2020-11-24 00:00:00
Security update for rclone (moderate)
2020-11-26 00:00:00
Security update for rclone (moderate)
2021-02-10 00:00:00
nessus
nessus
Fedora 33 : rclone (2020-3b0bb05117)
2020-12-15 00:00:00
GLSA-202107-14 : rclone: Weak random number generation
2022-01-24 00:00:00
openSUSE Security Update : rclone (openSUSE-2020-2008)
2020-11-30 00:00:00
ubuntucve
ubuntucve
CVE-2020-28924
2020-11-19 00:00:00
redhatcve
redhatcve
CVE-2020-28924
2022-05-20 23:44:07
osv
osv
Use of Cryptographically Weak Pseudo-Random Number Generator in Rclone
2021-06-10 17:23:21
BIT-rclone-2020-28924
2024-03-06 11:03:09
CVE-2020-28924
2020-11-19 20:15:12
openvas
openvas
Fedora: Security Advisory for rclone (FEDORA-2020-3b0bb05117)
2020-12-15 00:00:00
prion
prion
Design/Logic Flaw
2020-11-19 20:15:00
cve
cve
CVE-2020-28924
2020-11-19 20:15:12
debiancve
debiancve
CVE-2020-28924
2020-11-19 20:15:12
cvelist
cvelist
CVE-2020-28924
2020-11-19 19:32:41
github
github
Use of Cryptographically Weak Pseudo-Random Number Generator in Rclone
2021-06-10 17:23:21
archlinux
archlinux
[ASA-202011-17] rclone: private key recovery
2020-11-19 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: rclone-1.53.3-1.fc33
2020-12-15 01:22:04
gentoo
gentoo
rclone: Weak random number generation
2021-07-08 00:00:00
nvd
nvd
CVE-2020-28924
2020-11-19 20:15:12