CVE-2019-10064
HIGH7.5EPSS 1.4%wpa - security update
發布日:2020/2/28修改日:2026/4/28
描述
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
受影響套件(3)
- Debian/wpafrom 0, < 2:2.6-7
- Debian/wpafrom 0, < 2.3-1+deb8u10
- Debian/wpafrom 0, < 2:2.4-1+deb9u7
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |