Vulnerabilities (CVE)

Filtered by vendor Magento Subscribe
Filtered by product Magento2
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-6485 1 Magento 1 Magento2 2024-02-04 5.0 MEDIUM 7.5 HIGH
The __construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by guessing the value.