- H
crypto-browserify
is implementation of crypto for the browser.
Affected versions of the package are vulnerable to Insecure Randomness due to using the cryptographically insecure Math.random()
. This function can produce predictable values and should not be used in security-sensitive context.
How to fix Insecure Randomness?
Upgrade crypto-browserify
to version 2.1.11 or higher.
<2.1.11