Skip to main content

Insufficient Entropy

CVE-2013-2260

Severity High
Score 9.8/10

Summary

Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness

  • LOW
  • NETWORK
  • HIGH
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • HIGH

CWE-331 - Insufficient Entropy

The software uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

References

Advisory Timeline

  • Published