cvedb.io
CVE-2021-4238
CRITICAL · CVSS 9.1
EPSS exploitation probability: 0%
Published 2022-12-27T22:15:12.073 · Last modified 2026-06-17T04:19:19.660

Summary

Randomly-generated alphanumeric strings contain significantly less entropy than expected. The RandomAlphaNumeric and CryptoRandomAlphaNumeric functions always return strings containing at least one digit from 0 to 9. This significantly reduces the amount of entropy in short strings generated by these functions.

Affected products

goutils_project — goutils

Does this affect you?

Add your gear to cvedb and we'll alert you only when goutils_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.