exploitDog

CVE-2022-28355

Опубликовано: 02 апр. 2022

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

randomUUID in Scala.js before 1.10.0 generates predictable values.

Ссылки

https://github.com/scala-js/scala-js/issues/4657
Issue Tracking
Patch
Third Party Advisory
https://github.com/scala-js/scala-js/releases
Release Notes
Third Party Advisory
https://github.com/scala-js/scala-js/security/advisories/GHSA-j2f9-w8wh-9ww4
Mitigation
Third Party Advisory
https://www.scala-js.org/news/2022/04/04/announcing-scalajs-1.10.0/
Release Notes
Third Party Advisory
https://github.com/scala-js/scala-js/issues/4657
Issue Tracking
Patch
Third Party Advisory
https://github.com/scala-js/scala-js/releases
Release Notes
Third Party Advisory
https://github.com/scala-js/scala-js/security/advisories/GHSA-j2f9-w8wh-9ww4
Mitigation
Third Party Advisory
https://www.scala-js.org/news/2022/04/04/announcing-scalajs-1.10.0/
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:scala-js:scala.js:*:*:*:*:*:*:*:*

Версия до 1.10.0 (исключая)

EPSS

Процентиль: 57%

0.00357

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-330

Связанные уязвимости

GHSA-9hg7-4gq8-ppp9

CVSS3: 7.5

github

почти 4 года назад

randomUUID in Scala.js before 1.10.0 generates predictable values.

EPSS

Процентиль: 57%

0.00357

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-330