insecure-random
insecure-random
A random number generator was detected which is not guaranteed to be Cryptographically secure. If the source of entropy is used for security purposes (e.g. with other Cryptographic operations), make sure to use the
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
OWASP:
- A02:2021 - Cryptographic Failures
SecCopyRandomBytes
API explicitly.Likelihood: LOW
Confidence: LOW
CWE:
- CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
OWASP:
- A02:2021 - Cryptographic Failures