Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:47643
HistoryJun 19, 2024 - 10:06 a.m.

Use Of Insufficiently Random Values

2024-06-1910:06:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
insufficiently random
entropy vulnerability
brute force

7.1 High

AI Score

Confidence

High

JSON

zendframework/zendframework is vulnerable to insufficient entropy. The vulnerability is due to using PHP’s mt_rand() function as a fallback for generating random bytes, which is predictable and susceptible to brute force attacks on the seed.

7.1 High

AI Score

Confidence

High

JSON