VYPR
Unrated severityNVD Advisory· Published Mar 4, 2021· Updated Feb 25, 2026

[20210302] - Core - Potential Insecure FOFEncryptRandval

CVE-2021-23128

Description

An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implemetation. That has now been replaced with a call to 'random_bytes()' and its backport that is shipped within random_compat.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Joomla/Joomla!llm-fuzzy2 versions
    >=3.2.0, <=3.9.24+ 1 more
    • (no CPE)range: >=3.2.0, <=3.9.24
    • (no CPE)range: 3.2.0-3.9.24
  • osv-coords
    Range: >= 3.2.0, < 3.9.25

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.