VYPR
Low severityNVD Advisory· Published Dec 27, 2022· Updated Apr 11, 2025

Insufficient randomness in github.com/Masterminds/goutils

CVE-2021-4238

Description

Randomly-generated alphanumeric strings contain significantly less entropy than expected. The RandomAlphaNumeric and CryptoRandomAlphaNumeric functions always return strings containing at least one digit from 0 to 9. This significantly reduces the amount of entropy in short strings generated by these functions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/Masterminds/goutilsGo
< 1.1.11.1.1

Affected products

5

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.