Homepage
About Snyk

privacyidea@2.20.1 vulnerabilities

privacyIDEA: identity, multifactor authentication (OTP), authorization, audit

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the privacyidea package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in its use of the built-in random module.

How to fix Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)?

Upgrade privacyIDEA to version 3.9 or higher.

[,3.9)
  • M
Denial of Service (DoS)

privacyidea is an open solution for strong two-factor authentication.

Affected versions of this package are vulnerable to Denial of Service (DoS) attacks due to an Improper input validation in token validation api.

How to fix Denial of Service (DoS)?

Upgrade privacyidea to version 2.23.2 or higher.

[,2.23.2)
Go back to all versions of this package