Get Started
- CodeAnt AI
- Control Center
- Pull Request Review
- IDE
- Compliance
- Anti-Patterns
- Code Governance
- Infrastructure Security Database
- Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Lang
- Correctness
- Security
- Containers
- Crypto
- Filesystem
- Format-string
- Ldap
- Libraries
- Memory
- Misc
- Rng
- Predictable-seed-rng-constant
- Predictable-seed-rng-time
- Sql
- Strings
- System-command
- Uri
- Use-after-free
- Libxml2
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml
Predictable-seed-rng-time
Predictable seed rng time
The seed value of a Pseudo Random Number Generator (PRNG) is directly derived from the time, which is highly predictable. Do not use values from this PRNG to derive a secrets, such as passwords or cryptographic keys.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-337: Predictable Seed in Pseudo-Random Number Generator (PRNG)
OWASP:
- A02:2021 - Cryptographic Failures