We found results for “”
CVE-2021-3538
Good to know:
Date: June 2, 2021
A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker.
Language: Go
Severity Score
Severity Score
Weakness Type (CWE)
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
CWE-338Top Fix
Upgrade Version
Upgrade to version github.com/satori/go.uuid - 75cca531ea763666bc46e531da3b4c3b95f64557
CVSS v3
Base Score: |
|
---|---|
Attack Vector (AV): | |
Attack Complexity (AC): | |
Privileges Required (PR): | |
User Interaction (UI): | |
Scope (S): | |
Confidentiality (C): | NONE |
Integrity (I): | PARTIAL |
Availability (A): | NONE |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | |
Access Complexity (AC): | |
Authentication (AU): | |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | HIGH |
Additional information: |