uuid@0.0.2 vulnerabilities

RFC4122 (v1, v4, and v5) UUIDs

latest version

9.0.1
latest non vulnerable version

9.0.1
first published

13 years ago
latest version published

7 months ago
licenses detected
- MIT
  >=0
View uuid package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the uuid package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Insecure Randomness `uuid` is RFC4122 (v1 and v4) generator. Affected versions of the package use the `Math.random()` function which may generate already-used numbers after 24,000 cycles, making the values predictable for objects requiring unpredictability. It is possible for an attacker to guess the next value to be generated and may use this to access sensitive information. How to fix Insecure Randomness? Upgrade `uuid` to version 1.3.1 or higher.	<1.3.1

Insecure Randomness

uuid is RFC4122 (v1 and v4) generator.

Affected versions of the package use the Math.random() function which may generate already-used numbers after 24,000 cycles, making the values predictable for objects requiring unpredictability. It is possible for an attacker to guess the next value to be generated and may use this to access sensitive information.

How to fix Insecure Randomness?

Upgrade uuid to version 1.3.1 or higher.

<1.3.1

Go back to all versions of this package

uuid@0.0.2 vulnerabilities

RFC4122 (v1, v4, and v5) UUIDs

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities