CVE-2013-0294: Use of Password Hash With Insufficient Computational Effort
(updated )
packet.py
uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack.
References
Detect and mitigate CVE-2013-0294 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →