Elixir@0.7.1 vulnerabilities

Declarative Mapper for SQLAlchemy

Direct Vulnerabilities

Known vulnerabilities in the Elixir package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Insecure Randomness

Elixir is a Declarative Mapper for SQLAlchemy

Affected versions of this package are vulnerable to Insecure Randomness. Elixir uses Blowfish in CFB mode without constructing a unique initialization vector (IV), which makes it easier for context-dependent users to obtain sensitive information and decrypt the database.

How to fix Insecure Randomness?

There is no fixed version for Elixir.

[0,)