cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in `cdo-local-uuid` at version `0.4.0`, and in `case-utils` in unpatched versions (matching the pattern `0.x.0`) at and since `0.5.0`, before `0.15.0`. The vulnerability stems from a Python function, `cdo_local_uuid.local_uuid()`, and its original implementation `case_utils.local_uuid()`.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lfprojects case python utilities 0.5.0 |
||
lfprojects case python utilities 0.6.0 |
||
lfprojects case python utilities 0.7.0 |
||
lfprojects case python utilities 0.8.0 |
||
lfprojects case python utilities 0.9.0 |
||
lfprojects case python utilities 0.10.0 |
||
lfprojects case python utilities 0.11.0 |
||
lfprojects case python utilities 0.12.0 |
||
lfprojects case python utilities 0.13.0 |
||
lfprojects case python utilities 0.14.0 |
||
lfprojects cdo local uuid utility 0.4.0 |