CWE-331
AllowedInsufficient Entropy
Abstraction: Base · Status: Draft
The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
207 vulnerabilities reference this CWE, most recent first.
GHSA-CVMX-9H9Q-8HMW
Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions.
{
"affected": [],
"aliases": [
"CVE-2017-2625"
],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-07-27T18:29:00Z",
"severity": "MODERATE"
},
"details": "It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users\u0027 sessions.",
"id": "GHSA-cvmx-9h9q-8hmw",
"modified": "2022-05-13T01:36:52Z",
"published": "2022-05-13T01:36:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2625"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1865"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2017-2625"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1424987"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2625"
},
{
"type": "WEB",
"url": "https://cgit.freedesktop.org/xorg/lib/libXdmcp/commit/?id=0554324ec6bbc2071f5d1f8ad211a1643e29eb1f"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00024.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201704-03"
},
{
"type": "WEB",
"url": "https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/96480"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1037919"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-FGHC-HPWQ-XM37
Vulnerability from github – Published: 2026-07-07 09:37 – Updated: 2026-07-07 15:32EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the quality of random numbers or delay booting while sufficient entropy is accumulated from other sources.
{
"affected": [],
"aliases": [
"CVE-2026-13199"
],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-07T09:16:29Z",
"severity": "MODERATE"
},
"details": "EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the quality of random numbers or delay booting while sufficient entropy is accumulated from other sources.",
"id": "GHSA-fghc-hpwq-xm37",
"modified": "2026-07-07T15:32:56Z",
"published": "2026-07-07T09:37:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-13199"
},
{
"type": "WEB",
"url": "https://github.com/raspberrypi/rpi-eeprom/pull/841"
},
{
"type": "WEB",
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2026-13199"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-FMG6-246M-9G2V
Vulnerability from github – Published: 2026-04-03 03:41 – Updated: 2026-04-03 03:41Impact
In applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies.
Am I Affected?
You are affected if you meet the following preconditions:
- Applications using laravel-auth0 SDK, versions between 7.0.0 and 7.20.0
- Laravel-auth0 SDK using the Auth0-PHP SDK versions between 8.0.0 to 8.18.0.
Resolution
Upgrade Auth0/laravel-auth0 to version 7.21.0 or greater.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 7.20.0"
},
"package": {
"ecosystem": "Packagist",
"name": "auth0/login"
},
"ranges": [
{
"events": [
{
"introduced": "7.0.0"
},
{
"fixed": "7.21.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-03T03:41:04Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Impact\nIn applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies.\n\n### Am I Affected?\nYou are affected if you meet the following preconditions:\n\n- Applications using laravel-auth0 SDK, versions between 7.0.0 and 7.20.0\n- Laravel-auth0 SDK using the Auth0-PHP SDK versions between 8.0.0 to 8.18.0.\n\n\n### Resolution\nUpgrade Auth0/laravel-auth0 to version 7.21.0 or greater.",
"id": "GHSA-fmg6-246m-9g2v",
"modified": "2026-04-03T03:41:04Z",
"published": "2026-04-03T03:41:04Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/auth0/laravel-auth0/security/advisories/GHSA-fmg6-246m-9g2v"
},
{
"type": "PACKAGE",
"url": "https://github.com/auth0/laravel-auth0"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Auth0 laravel-auth0 SDK has Insufficient Entropy in Cookie Encryption"
}
GHSA-FPQV-CR66-H6PC
Vulnerability from github – Published: 2026-04-16 18:31 – Updated: 2026-07-14 15:31libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.
{
"affected": [],
"aliases": [
"CVE-2026-41080"
],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-16T17:16:54Z",
"severity": "LOW"
},
"details": "libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.",
"id": "GHSA-fpqv-cr66-h6pc",
"modified": "2026-07-14T15:31:51Z",
"published": "2026-04-16T18:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41080"
},
{
"type": "WEB",
"url": "https://github.com/libexpat/libexpat/issues/47"
},
{
"type": "WEB",
"url": "https://github.com/libexpat/libexpat/pull/1183"
},
{
"type": "WEB",
"url": "https://blog.hartwork.org/posts/expat-2-8-0-released"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"type": "WEB",
"url": "https://www.openwall.com/lists/oss-security/2026/04/26/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/04/26/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-G3HM-J3WC-JCG9
Vulnerability from github – Published: 2025-03-28 03:30 – Updated: 2025-09-05 15:31Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.
{
"affected": [],
"aliases": [
"CVE-2025-1860"
],
"database_specific": {
"cwe_ids": [
"CWE-331",
"CWE-338"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-28T01:15:16Z",
"severity": "HIGH"
},
"details": "Data::Entropy for Perl 0.007 and earlier use the rand() function as the default source of entropy, which is not\u00a0cryptographically secure,\u00a0for cryptographic functions.",
"id": "GHSA-g3hm-j3wc-jcg9",
"modified": "2025-09-05T15:31:06Z",
"published": "2025-03-28T03:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1860"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00026.html"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/ZEFRAM/Data-Entropy-0.007/source/lib/Data/Entropy.pm#L80"
},
{
"type": "WEB",
"url": "https://perldoc.perl.org/functions/rand"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-GFJ4-2P4P-M25J
Vulnerability from github – Published: 2025-04-07 15:31 – Updated: 2025-04-07 21:32Web::API 2.8 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.
Specifically Web::API uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random uses the rand() function.
{
"affected": [],
"aliases": [
"CVE-2024-57868"
],
"database_specific": {
"cwe_ids": [
"CWE-331",
"CWE-338"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-05T16:15:33Z",
"severity": "MODERATE"
},
"details": "Web::API 2.8 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.\n\nSpecifically Web::API uses the Data::Random library which specifically states that it is \"Useful mostly for test programs\". Data::Random uses the rand() function.",
"id": "GHSA-gfj4-2p4p-m25j",
"modified": "2025-04-07T21:32:07Z",
"published": "2025-04-07T15:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57868"
},
{
"type": "WEB",
"url": "https://metacpan.org/dist/Web-API/source/lib/Web/API.pm#L20"
},
{
"type": "WEB",
"url": "https://metacpan.org/dist/Web-API/source/lib/Web/API.pm#L348"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/BAREFOOT/Data-Random-0.13/source/lib/Data/Random.pm#L537"
},
{
"type": "WEB",
"url": "https://perldoc.perl.org/functions/rand"
},
{
"type": "WEB",
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-GHC5-95C2-VWCV
Vulnerability from github – Published: 2026-04-03 03:44 – Updated: 2026-04-03 03:44Impact
In applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies.
Am I Affected?
Consumers are affected if their application meets the following preconditions: - It uses the Auth0 Symfony SDK, versions between 5.0.0 and 5.7.0 - Auth0 Symfony SDK using the Auth0-PHP SDK versions between 8.0.0 to 8.18.0.
Resolution
Upgrade Auth0/symfony-auth0 to version 5.8.0 or greater.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 5.7.0"
},
"package": {
"ecosystem": "Packagist",
"name": "auth0/symfony"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.8.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-03T03:44:13Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "### Impact\nIn applications built with the Auth0 PHP SDK, cookies are encrypted with insufficient entropy, which may result in threat actors brute-forcing the encryption key and forging session cookies.\n\n### Am I Affected?\nConsumers are affected if their application meets the following preconditions:\n- It uses the Auth0 Symfony SDK, versions between 5.0.0 and 5.7.0\n- Auth0 Symfony SDK using the Auth0-PHP SDK versions between 8.0.0 to 8.18.0.\n\n### Resolution\nUpgrade Auth0/symfony-auth0 to version 5.8.0 or greater.",
"id": "GHSA-ghc5-95c2-vwcv",
"modified": "2026-04-03T03:44:13Z",
"published": "2026-04-03T03:44:13Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/auth0/symfony/security/advisories/GHSA-ghc5-95c2-vwcv"
},
{
"type": "PACKAGE",
"url": "https://github.com/auth0/symfony"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Auth0 Symfony SDK has Insufficient Entropy in Cookie Encryption"
}
GHSA-GQ9M-QVPX-68HC
Vulnerability from github – Published: 2019-08-21 16:15 – Updated: 2024-11-19 18:05Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "werkzeug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.15.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-14806"
],
"database_specific": {
"cwe_ids": [
"CWE-331"
],
"github_reviewed": true,
"github_reviewed_at": "2019-08-21T16:01:59Z",
"nvd_published_at": "2019-08-09T15:15:00Z",
"severity": "HIGH"
},
"details": "Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.",
"id": "GHSA-gq9m-qvpx-68hc",
"modified": "2024-11-19T18:05:58Z",
"published": "2019-08-21T16:15:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14806"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/commit/00bc43b1672e662e5e3b8cecd79e67fc968fa246"
},
{
"type": "PACKAGE",
"url": "https://github.com/pallets/werkzeug"
},
{
"type": "WEB",
"url": "https://github.com/pallets/werkzeug/blob/7fef41b120327d3912fbe12fb64f1951496fcf3e/src/werkzeug/debug/__init__.py#L168"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/werkzeug/PYSEC-2019-140.yaml"
},
{
"type": "WEB",
"url": "https://palletsprojects.com/blog/werkzeug-0-15-3-released"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00034.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00047.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Pallets Werkzeug Insufficient Entropy"
}
GHSA-H236-32WJ-MG7X
Vulnerability from github – Published: 2025-04-05 21:30 – Updated: 2025-04-14 18:31Net::Xero 0.044 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.
Specifically Net::Xero uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random uses the rand() function.
{
"affected": [],
"aliases": [
"CVE-2024-56370"
],
"database_specific": {
"cwe_ids": [
"CWE-331",
"CWE-338"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-05T19:15:38Z",
"severity": "MODERATE"
},
"details": "Net::Xero 0.044 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.\n\nSpecifically Net::Xero uses the Data::Random library which specifically states that it is \"Useful mostly for test programs\". Data::Random uses the rand() function.",
"id": "GHSA-h236-32wj-mg7x",
"modified": "2025-04-14T18:31:48Z",
"published": "2025-04-05T21:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56370"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/BAREFOOT/Data-Random-0.13/source/lib/Data/Random.pm#L537"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/ELLIOTT/Net-Xero-0.44/source/lib/Net/Xero.pm#L58"
},
{
"type": "WEB",
"url": "https://metacpan.org/release/ELLIOTT/Net-Xero-0.44/source/lib/Net/Xero.pm#L9"
},
{
"type": "WEB",
"url": "https://perldoc.perl.org/functions/rand"
},
{
"type": "WEB",
"url": "https://security.metacpan.org/docs/guides/random-data-for-security.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-H327-V36R-6RGJ
Vulnerability from github – Published: 2024-06-05 21:31 – Updated: 2024-06-05 21:31An issue was discovered in Samsung Mobile Processor, Automotive Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryption.
{
"affected": [],
"aliases": [
"CVE-2023-49927"
],
"database_specific": {
"cwe_ids": [
"CWE-311",
"CWE-331"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-05T19:15:11Z",
"severity": "MODERATE"
},
"details": "An issue was discovered in Samsung Mobile Processor, Automotive Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryption.",
"id": "GHSA-h327-v36r-6rgj",
"modified": "2024-06-05T21:31:27Z",
"published": "2024-06-05T21:31:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49927"
},
{
"type": "WEB",
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Determine the necessary entropy to adequately provide for randomness and predictability. This can be achieved by increasing the number of bits of objects such as keys and seeds.
CAPEC-59: Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.