FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpmyadmin -- Insecure password generation in JavaScript

Affected packages
4.5.0 <= phpmyadmin < 4.5.4


VuXML ID 6f0c2d1b-c60b-11e5-bf36-6805ca0b3d42
Discovery 2016-01-28
Entry 2016-01-28

The phpMyAdmin development team reports:

Password suggestion functionality uses Math.random() which does not provide cryptographically secure random numbers.

We consider this vulnerability to be non-critical.


CVE Name CVE-2016-1927