← Back to CVE List

CVE-2022-23472

Published: 2022-12-06T18:15Z
Last Modified: 2024-11-21T06:48Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Passeo is an open source python password generator. Versions prior to 1.0.5 rely on the python `random` library for random value selection. The python `random` library warns that it should not be used for security purposes due to its reliance on a non-cryptographically secure random number generator. As a result a motivated attacker may be able to guess generated passwords. This issue has been addressed in version 1.0.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt