QID 997637
Date Published: 2024-03-06
QID 997637: Python (Pip) Security Update for pyrad (GHSA-q4v3-wmm6-hcrx)
packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.
Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
Solution
Refer to Github security advisory GHSA-q4v3-wmm6-hcrx for updates and patch information.
Vendor References
- GHSA-q4v3-wmm6-hcrx -
github.com/advisories/GHSA-q4v3-wmm6-hcrx
CVEs related to QID 997637
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| GHSA-q4v3-wmm6-hcrx | pyrad |
|