Versions of cryptiles
prior to 4.1.2 are vulnerable to Insufficient Entropy. The randomDigits()
method does not provide sufficient entropy and its generates digits that are not evenly distributed.
Upgrade to version 4.1.2. The package is deprecated and has been moved to @hapi/cryptiles
and it is strongly recommended to use the maintained package.