exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2016-1902

около 9 лет назад

The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random_pseudo_bytes function fails, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.

CVSS3: 7.5

EPSS: Низкий

CVE-2016-1902

около 9 лет назад

The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random_pseudo_bytes function fails, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.

CVSS3: 7.5

EPSS: Низкий

CVE-2016-1902

около 9 лет назад

The nextBytes function in the SecureRandom class in Symfony before 2.3 ...

CVSS3: 7.5

EPSS: Низкий

GHSA-jjx5-fq5g-8xpc

около 3 лет назад

Symfony Cryptographic Vulnerability

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2016-1902 The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random_pseudo_bytes function fails, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.	CVSS3: 7.5	0% Низкий	около 9 лет назад
CVE-2016-1902 The nextBytes function in the SecureRandom class in Symfony before 2.3.37, 2.6.x before 2.6.13, and 2.7.x before 2.7.9 does not properly generate random numbers when used with PHP 5.x without the paragonie/random_compat library and the openssl_random_pseudo_bytes function fails, which makes it easier for attackers to defeat cryptographic protection mechanisms via unspecified vectors.	CVSS3: 7.5	0% Низкий	около 9 лет назад
CVE-2016-1902 The nextBytes function in the SecureRandom class in Symfony before 2.3 ...	CVSS3: 7.5	0% Низкий	около 9 лет назад
GHSA-jjx5-fq5g-8xpc Symfony Cryptographic Vulnerability	CVSS3: 7.5	0% Низкий	около 3 лет назад

Уязвимостей на страницу