cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in `cdo-local-uuid` at version `0.4.0`, and in `case-utils` in unpatched versions (matching the pattern `0.x.0`) at and since `0.5.0`, before `0.15.0`. The vulnerability stems from a Python function, `cdo_local_uuid.local_uuid()`, and its original implementation `case_utils.local_uuid()`.
2024-01-11T03:15:10.933
2024-11-21T08:55:46.203
Modified
CVSSv3.1: 2.2 (LOW)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | lfprojects | case_python_utilities | 0.5.0 | Yes |
| Application | lfprojects | case_python_utilities | 0.6.0 | Yes |
| Application | lfprojects | case_python_utilities | 0.7.0 | Yes |
| Application | lfprojects | case_python_utilities | 0.8.0 | Yes |
| Application | lfprojects | case_python_utilities | 0.9.0 | Yes |
| Application | lfprojects | case_python_utilities | 0.10.0 | Yes |
| Application | lfprojects | case_python_utilities | 0.11.0 | Yes |
| Application | lfprojects | case_python_utilities | 0.12.0 | Yes |
| Application | lfprojects | case_python_utilities | 0.13.0 | Yes |
| Application | lfprojects | case_python_utilities | 0.14.0 | Yes |
| Application | lfprojects | cdo_local_uuid_utility | 0.4.0 | Yes |