Common Weakness Enumeration

CWE-338

Allowed

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Abstraction: Base · Status: Draft

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

293 vulnerabilities reference this CWE, most recent first.

GHSA-VXR9-MR85-JWJW

Vulnerability from github – Published: 2022-05-14 03:49 – Updated: 2022-05-14 03:49
VLAI
Details

It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2017-18021"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-01-05T19:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI.",
  "id": "GHSA-vxr9-mr85-jwjw",
  "modified": "2022-05-14T03:49:11Z",
  "published": "2022-05-14T03:49:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18021"
    },
    {
      "type": "WEB",
      "url": "https://github.com/IJHack/QtPass/issues/338"
    },
    {
      "type": "WEB",
      "url": "https://github.com/IJHack/QtPass/releases/tag/v1.2.1"
    },
    {
      "type": "WEB",
      "url": "https://lists.zx2c4.com/pipermail/password-store/2018-January/003165.html"
    },
    {
      "type": "WEB",
      "url": "https://qtpass.org"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W287-9Q69-3HX9

Vulnerability from github – Published: 2025-01-04 00:33 – Updated: 2025-01-21 18:31
VLAI
Details

In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-22376"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-03T22:15:07Z",
    "severity": "CRITICAL"
  },
  "details": "In Net::OAuth::Client in the Net::OAuth package before 0.29 for Perl, the default nonce is a 32-bit integer generated from the built-in rand() function, which is not cryptographically strong.",
  "id": "GHSA-w287-9q69-3hx9",
  "modified": "2025-01-21T18:31:04Z",
  "published": "2025-01-04T00:33:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22376"
    },
    {
      "type": "WEB",
      "url": "https://github.com/keeth/Net-OAuth/commit/2aa25e04aadab247ae4063363fcee177161e1f42"
    },
    {
      "type": "WEB",
      "url": "https://datatracker.ietf.org/doc/html/rfc5849#section-3.3"
    },
    {
      "type": "WEB",
      "url": "https://datatracker.ietf.org/doc/html/rfc5849#section-4.10"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/KGRENNAN/Net-OAuth-0.28/source/lib/Net/OAuth/Client.pm#L260"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/RRWO/Net-OAuth-0.29/changes"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/RRWO/Net-OAuth-0.29/diff/KGRENNAN/Net-OAuth-0.28#lib/Net/OAuth/Client.pm"
    },
    {
      "type": "WEB",
      "url": "https://www.vulnarium.com/blogpost-2025-01-05"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W5V5-5VPM-87MX

Vulnerability from github – Published: 2022-02-10 00:00 – Updated: 2022-02-10 00:00
VLAI
Details

Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2013-20003"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-02-04T23:15:00Z",
    "severity": "HIGH"
  },
  "details": "Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic.",
  "id": "GHSA-w5v5-5vpm-87mx",
  "modified": "2022-02-10T00:00:50Z",
  "published": "2022-02-10T00:00:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-20003"
    },
    {
      "type": "WEB",
      "url": "https://orangecyberdefense.com/global/blog/sensepost/blackhat-conference-z-wave-security"
    },
    {
      "type": "WEB",
      "url": "https://sensepost.com/cms/resources/conferences/2013/bh_zwave/Security%20Evaluation%20of%20Z-Wave_WP.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.pentestpartners.com/security-blog/z-shave-exploiting-z-wave-downgrade-attacks"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-W6W2-2WXG-GGWX

Vulnerability from github – Published: 2025-06-16 12:30 – Updated: 2025-06-16 15:32
VLAI
Details

Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha.

That version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-40916"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-16T11:15:17Z",
    "severity": "CRITICAL"
  },
  "details": "Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha.\n\nThat version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure.",
  "id": "GHSA-w6w2-2wxg-ggwx",
  "modified": "2025-06-16T15:32:26Z",
  "published": "2025-06-16T12:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40916"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/pod/perlfunc#rand"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.04/diff/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.05/lib/Mojolicious/Plugin/CaptchaPNG.pm"
    },
    {
      "type": "WEB",
      "url": "https://metacpan.org/release/GRYPHON/Mojolicious-Plugin-CaptchaPNG-1.06/changes"
    },
    {
      "type": "WEB",
      "url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W6XH-RJX5-X9M5

Vulnerability from github – Published: 2023-06-06 18:30 – Updated: 2024-04-04 04:36
VLAI
Details

Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-32549"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-06T16:15:10Z",
    "severity": "HIGH"
  },
  "details": "Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator.",
  "id": "GHSA-w6xh-rjx5-x9m5",
  "modified": "2024-04-04T04:36:05Z",
  "published": "2023-06-06T18:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32549"
    },
    {
      "type": "WEB",
      "url": "https://bugs.launchpad.net/landscape/+bug/1929034"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-W88F-4875-99C8

Vulnerability from github – Published: 2025-11-26 09:31 – Updated: 2025-11-26 23:19
VLAI
Summary
Apache Druid’s Kerberos authenticator uses a weak fallback secret
Details

Apache Druid’s Kerberos authenticator uses a weak fallback secret when the druid.auth.authenticator.kerberos.cookieSignatureSecret configuration is not explicitly set. In this case, the secret is generated using ThreadLocalRandom, which is not a crypto-graphically secure random number generator. This may allow an attacker to predict or brute force the secret used to sign authentication cookies, potentially enabling token forgery or authentication bypass. Additionally, each process generates its own fallback secret, resulting in inconsistent secrets across nodes. This causes authentication failures in distributed or multi-broker deployments, effectively leading to a incorrectly configured clusters. Users are advised to configure a strong druid.auth.authenticator.kerberos.cookieSignatureSecret

This issue affects Apache Druid: through 34.0.0.

Users are recommended to upgrade to version 35.0.0, which fixes the issue making it mandatory to set druid.auth.authenticator.kerberos.cookieSignatureSecret when using the Kerberos authenticator. Services will fail to come up if the secret is not set.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.druid:druid"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "35.0.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-59390"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-11-26T23:19:18Z",
    "nvd_published_at": "2025-11-26T09:15:46Z",
    "severity": "CRITICAL"
  },
  "details": "Apache Druid\u2019s Kerberos authenticator uses a weak fallback secret when the `druid.auth.authenticator.kerberos.cookieSignatureSecret` configuration is not explicitly set. In this case, the secret is generated using `ThreadLocalRandom`, which is not a crypto-graphically secure random number generator. This  may allow an attacker to predict or brute force the secret used to sign authentication cookies, potentially enabling token forgery or authentication bypass. Additionally, each process generates its own fallback secret, resulting in inconsistent secrets across nodes. This causes authentication failures in distributed or multi-broker deployments, effectively leading to a incorrectly configured clusters. Users are advised to configure a strong\u00a0`druid.auth.authenticator.kerberos.cookieSignatureSecret`\n\nThis issue affects Apache Druid: through 34.0.0.\n\nUsers are recommended to upgrade to version 35.0.0, which fixes the issue making it mandatory to set `druid.auth.authenticator.kerberos.cookieSignatureSecret` when using the\u00a0Kerberos authenticator. Services will fail to come up if the secret is not set.",
  "id": "GHSA-w88f-4875-99c8",
  "modified": "2025-11-26T23:19:18Z",
  "published": "2025-11-26T09:31:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59390"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/druid/pull/18368"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/druid"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/jwjltllnntgj1sb9wzsjmvwm9f8rlhg8"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2025/11/26/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Druid\u2019s Kerberos authenticator uses a weak fallback secret"
}

GHSA-WCW3-C785-7Q5X

Vulnerability from github – Published: 2025-12-22 15:30 – Updated: 2025-12-22 15:30
VLAI
Details

Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-26379"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-22T15:16:00Z",
    "severity": "HIGH"
  },
  "details": "Use of a weak pseudo-random number generator, which may allow an attacker to read or inject encrypted PowerG packets.",
  "id": "GHSA-wcw3-c785-7q5x",
  "modified": "2025-12-22T15:30:21Z",
  "published": "2025-12-22T15:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26379"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-350-02"
    },
    {
      "type": "WEB",
      "url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-WR3G-2HMF-PGF3

Vulnerability from github – Published: 2022-05-24 17:12 – Updated: 2022-05-24 17:12
VLAI
Details

An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/astpp/application/config/config.php does not have strong random keys, as demonstrated by use of the 8YSDaBtDHAB3EQkxPAyTz2I5DttzA9uR private key and the r)fddEw232f encryption key.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-15075"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-03-20T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/astpp/application/config/config.php does not have strong random keys, as demonstrated by use of the 8YSDaBtDHAB3EQkxPAyTz2I5DttzA9uR private key and the r)fddEw232f encryption key.",
  "id": "GHSA-wr3g-2hmf-pgf3",
  "modified": "2022-05-24T17:12:00Z",
  "published": "2022-05-24T17:12:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15075"
    },
    {
      "type": "WEB",
      "url": "https://github.com/iNextrix/ASTPP/commit/9877ec62556f0470030acd306b24bc94fdcbe2ae"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-WWVV-X5MQ-H3JJ

Vulnerability from github – Published: 2021-09-01 18:35 – Updated: 2021-08-30 20:28
VLAI
Summary
Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev
Details

yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "yiisoft/yii2-dev"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.43"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-3692"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-330",
      "CWE-338"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-30T20:28:42Z",
    "nvd_published_at": "2021-08-10T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator",
  "id": "GHSA-wwvv-x5mq-h3jj",
  "modified": "2021-08-30T20:28:42Z",
  "published": "2021-09-01T18:35:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3692"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yiisoft/yii2/commit/13f27e4d920a05d53236139e8b07007acd046a46"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/yiisoft/yii2"
    },
    {
      "type": "WEB",
      "url": "https://huntr.dev/bounties/55517f19-5c28-4db2-8b00-f78f841e8aba"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev"
}

GHSA-X97H-G784-4PW8

Vulnerability from github – Published: 2025-04-10 12:31 – Updated: 2025-04-10 15:31
VLAI
Details

In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images based on Debian, causing all containers based on images of the same version use the same SSH host keys, allowing attackers able to insert themselves into the network path between the SSH client (typically the Jenkins controller) and SSH build agent to impersonate the latter.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-32754"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-338"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-10T12:15:16Z",
    "severity": "CRITICAL"
  },
  "details": "In jenkins/ssh-agent Docker images 6.11.1 and earlier, SSH host keys are generated on image creation for images based on Debian, causing all containers based on images of the same version use the same SSH host keys, allowing attackers able to insert themselves into the network path between the SSH client (typically the Jenkins controller) and SSH build agent to impersonate the latter.",
  "id": "GHSA-x97h-g784-4pw8",
  "modified": "2025-04-10T15:31:48Z",
  "published": "2025-04-10T12:31:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32754"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2025-04-10/#SECURITY-3565"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation

Use functions or hardware which use a hardware-based random number generation for all crypto. This is the recommended solution. Use CyptGenRandom on Windows, or hw_rand() on Linux.

No CAPEC attack patterns related to this CWE.