Vulnerability Database
Blog
FAQ
Docs
GO-2022-0878
See a problem?
Source
https://pkg.go.dev/vuln/GO-2022-0878
Import Source
https://vuln.go.dev/ID/GO-2022-0878.json
JSON Data
https://api.osv.dev/v1/vulns/GO-2022-0878
Aliases
BIT-rclone-2020-28924
CVE-2020-28924
GHSA-rmw5-xpg9-jr29
Published
2024-08-21T15:29:06Z
Modified
2024-08-21T15:58:58.559623Z
Summary
Use of Cryptographically Weak Pseudo-Random Number Generator in Rclone in github.com/rclone/rclone
Details
Use of Cryptographically Weak Pseudo-Random Number Generator in Rclone in github.com/rclone/rclone
References
https://github.com/advisories/GHSA-rmw5-xpg9-jr29
https://nvd.nist.gov/vuln/detail/CVE-2020-28924
https://github.com/rclone/rclone/issues/4783
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJIFT24Q6EFXLQZ24AER2QGFFZLMIPCD
https://security.gentoo.org/glsa/202107-14
Affected packages
Go
/
github.com/rclone/rclone
Package
Name
github.com/rclone/rclone
View open source insights on deps.dev
Purl
pkg:golang/github.com/rclone/rclone
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.53.3
GO-2022-0878 - OSV