CVE-2024-45751
MEDIUM5.9EPSS 0.31%tgt - security update
發布日:2024/9/6修改日:2026/4/28
描述
tgt (aka Linux target framework) before 1.0.93 attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.
受影響套件(2)
- Debian/tgtfrom 0, < 1:1.0.80-1+deb11u1
- Debian/tgtfrom 0, < 1:1.0.80-1+deb11u1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |