Lucene search
Veracode Vulnerability DatabaseVERACODE:3906HistoryApr 17, 2017 - 3:05 a.m.
Cryptographically Insecure Token Generation
2017-04-1703:05:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
34.6%
react-native-meteor-oauth generates insecure tokens. These tokens are insecure because they are generated using the randomatic package which is not cryptographically secure. This makes it easier for attackers to brute force tokens.
| CPE | Name | Operator | Version |
|---|---|---|---|
| react-native-meteor-oauth | eq | 0.1.0 | |
| randomatic | le | 2.0.0 | |
| randomatic | le | 2.0.0 | |
| randomatic | le | 2.0.0 |
Related
github
github
Cryptographically Weak PRNG in randomatic
2018-10-09 00:57:21
cve
cve
CVE-2017-16028
2018-06-04 19:29:01
nodejs
nodejs
Cryptographically Weak PRNG
2016-11-09 20:03:19
nvd
nvd
CVE-2017-16028
2018-06-04 19:29:01
osv
osv
Cryptographically Weak PRNG in randomatic
2018-10-09 00:57:21
prion
prion
Design/Logic Flaw
2018-06-04 19:29:00
cvelist
cvelist
CVE-2017-16028
2018-04-26 00:00:00
