CVE-2021-23451

Summary

The package otp-generator before 3.0.0 are vulnerable to Insecure Randomness due to insecure generation of random one-time passwords, which may allow a brute-force attack.

Affected Software

VendorProductVersion RangeStatus
n/aotp-generatorunspecified < 3.0.0affected

Weaknesses

  • Insecure Randomness

ADP Enrichment

CVE Program Container

Additional References

References