Описание
The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an integer, which makes the output more predictable than necessary.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| kinetic | not-affected | code not present |
| lunar | not-affected | code not present |
Показывать по
10
EPSS
Процентиль: 77%
0.01061
Низкий
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.3
nvd
больше 2 лет назад
The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an integer, which makes the output more predictable than necessary.
EPSS
Процентиль: 77%
0.01061
Низкий
5.3 Medium
CVSS3