Description
node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| node-uuid | node-uuid | affected |
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat OpenShift Container Platform 3.2 | |||
| atomic-openshift-0:3.2.1.1-1.git.0.96f9555.el7 | cpe:/a:redhat:openshift:3.2::el7 | RHBA-2016:1343 | 2016-06-27T00:00:00Z |
| heapster-0:1.1.0-1.beta2.el7 | cpe:/a:redhat:openshift:3.2::el7 | RHBA-2016:1343 | 2016-06-27T00:00:00Z |
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2020-0358 | node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing. |
 Github GHSA |
GHSA-265q-28rp-chq5 | Insecure Entropy Source - Math.random() in node-uuid |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T08:29:22.071Z
Reserved: 2016-04-13T00:00:00.000Z
Link: CVE-2015-8851
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-01-30T21:15:14.653
Modified: 2024-11-21T02:39:18.790
Link: CVE-2015-8851
Redhat
OpenCVE Enrichment
No data.
Weaknesses