Skip to content

Insecure Randomness Vulnerability - github.com/miekg/dns #1080

New issue
New issue
Closed
Closed
Insecure Randomness Vulnerability - github.com/miekg/dns#1080
@yinzara

Description

@yinzara
yinzara
opened on Apr 15, 2021

The github.com/miekg/dns library has a Insecure Randomness Vulnerability in all versions less than 1.1.25:
miekg/dns#1043

This is a transitive dependency through:
github.com/go-kit/kit@v0.10.0 › github.com/hashicorp/consul/api@v1.3.0 › github.com/hashicorp/serf@v0.8.2 › github.com/hashicorp/memberlist@v0.1.3 › github.com/miekg/dns@v1.0.14

Upgrading to consul v1.7.3 or higher will remove this vulnerability (current version is v1.9.5)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions