Vulnerability	Vulnerable Version
H Use of Insufficiently Random Values Affected versions of this package are vulnerable to Use of Insufficiently Random Values due to the use of `java.util.random` for generating session identifiers. An attacker can guess a session identifier through brute force attacks, bypass authentication requirements, and possibly conduct cross-site request forgery attacks. How to fix Use of Insufficiently Random Values? Upgrade `org.mortbay.jetty:cometd` to version 6.0.2, 6.1.0pre3 or higher.	[,6.0.2)[6.1.0pre1,6.1.0pre3)

Use of Insufficiently Random Values

Affected versions of this package are vulnerable to Use of Insufficiently Random Values due to the use of java.util.random for generating session identifiers. An attacker can guess a session identifier through brute force attacks, bypass authentication requirements, and possibly conduct cross-site request forgery attacks.

How to fix Use of Insufficiently Random Values?

Upgrade org.mortbay.jetty:cometd to version 6.0.2, 6.1.0pre3 or higher.

[,6.0.2)[6.1.0pre1,6.1.0pre3)

Go back to all versions of this package