bip-pod-flow@0.3.15

Vulnerabilities

1 via 1 paths

Dependencies

17

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity

Insecure Randomness

  • Vulnerable module: node-uuid
  • Introduced through: node-uuid@1.3.3

Detailed paths

  • Introduced through: bip-pod-flow@0.3.15 node-uuid@1.3.3
    Remediation: Upgrade to node-uuid@1.4.6.

Overview

node-uuid is a Simple, fast generation of RFC4122 UUIDS.

Affected versions of this package are vulnerable to Insecure Randomness. It uses the cryptographically insecure Math.random which can produce predictable values and should not be used in security-sensitive context.

Remediation

Upgrade node-uuid to version 1.4.4 or greater.

References