One Article Review
| Source |  CVE Liste |
|---|---|
| Identifiant | 8288368 |
| Date de publication | 2022-12-06 18:15:10 (vue: 2022-12-06 20:07:18) |
| Titre | CVE-2022-23472 |
| Texte | Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python `random` library for random value selection. The python `random` library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator. As a result a motivated attacker may be able to guess generated passwords. This issue has been addressed in version 1.0.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. |
| Notes | |
| Envoyé | Oui |
| Condensat | 2022 23472 `random` able addressed advised are attacker been cryptographically cve due generated generator guess has issue its known library may motivated non not number open passeo password passwords prior purposes python random reliance rely result secure security selection should source upgrade used users value version versions vulnerability warns workarounds |
| Tags | |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.