magento/magento2

GitHub

github.com

www.magento.com

Releases221

Frequency2 weeks 5 days

Last Release 28 days ago

Stars12.1K

Prior to making any Submission(s), you must sign an Adobe Contributor License Agreement, available here at: https://opensource.adobe.com/cla.html. All Submissions you make to Adobe Inc. and its affiliates, assigns and subsidiaries (collectively “Adobe”) are subject to the terms of the Adobe Contributor License Agreement.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2016-6485 ↗	Mar 1, 2017Wednesday, 1 March 2017, 20:59	—	5 MEDIUM
The __construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by guessing the value.