Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

randomDigits() generates biased random digits #34

Closed
hueniverse opened this issue Jun 24, 2018 · 2 comments
Closed

randomDigits() generates biased random digits #34

hueniverse opened this issue Jun 24, 2018 · 2 comments
Assignees
Labels
Milestone

Comments

@hueniverse
Copy link
Member

@hueniverse hueniverse commented Jun 24, 2018

Reported by Microsoft Vulnerability Research: MSVR 45977.

The randomDigits() method generates digits that lack a perfect distribution over enough attempts.

@hueniverse hueniverse added this to the 4.1.2 milestone Jun 24, 2018
@hueniverse hueniverse self-assigned this Jun 24, 2018
@ddillard

This comment has been minimized.

Copy link

@ddillard ddillard commented Jun 25, 2018

Is there going to be a CVE for this issue?

@ddillard

This comment has been minimized.

Copy link

@ddillard ddillard commented Jul 9, 2018

This issue has been assigned CVE-2018-1000620

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.