Home Unlabelled IBM Security Bulletin: node-uuid unsafe fallback to Math.random (CVE-2015-8851)

IBM Security Bulletin: node-uuid unsafe fallback to Math.random (CVE-2015-8851)

By
Monday, May 16, 2016
Read
Add Comment

A vulnerability in the node-uuid module causes the module to fallback on math.random under certain circumstances, which leads to predictable UUIDs. The node-uuid module is used by the Node.js Package Manager (npm).



CVE(s): CVE-2015-8851


Affected product(s) and affected version(s):

IBM Rational Application Developer for WebSphere Software v9.1 and v9.5



Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/1ZXf3HS
X-Force Database: http://ift.tt/1rhWrH8


from IBM Product Security Incident Response Team http://ift.tt/1ZXfbXQ
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us