Neptunium, Promethium, Manganese
Severity: high

Insufficient Entropy

cryptiles

Overview

Versions of cryptiles from version 3.1.0 through 3.1.2, and versions 4.0.0 to version 4.1.1 are vulnerable to insufficient entropy. The randomDigits method generates digits that lack a perfect distribution over enough attempts.

Remediation

Update to version 3.1.3 or 4.1.2 or later.

Have content suggestions? Send them to [email protected]

Advisory timeline

  1. Created

    2018-11-01T18:32:48.906Z
  2. Updated

    2018-11-02T21:39:11.618Z