Insecure Entropy Source - Math.random()node-uuid
Affected versions of
node-uuid consistently fall back to using
Math.random as an entropy source instead of
crypto, which may result in guessable UUID's.
Update to version 1.4.4 or later.
Have content suggestions? Send them to [email protected]
publishedAdvisory publishedMar 28th, 2016
reportedInitial report by Fedot PraslovMar 28th, 2016