Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use of insecure random number generator in Passeo
Vulnerability Description
Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python `random` library for random value selection. The python `random` library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator. As a result a motivated attacker may be able to guess generated passwords. This issue has been addressed in version 1.0.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
使用具有密码学弱点缺陷的PRNG
Vulnerability Title
Passeo 安全特征问题漏洞
Vulnerability Description
Passeo是Arjun Sharda个人开发者的一个 Python 密码生成器。 Passeo 1.0.5 之前版本存在安全特征问题漏洞,该漏洞源于依赖于 python `random` 库来进行随机值选择,它依赖于非加密安全的随机数生成器,攻击者利用该漏洞可能能够猜测生成的密码。
CVSS Information
N/A
Vulnerability Type
N/A