CWE-330 | Use of Insufficiently Random Values #1830
Labels
enhancement
New feature or request
Comments
marandaneto
moved this from Needs Discussion
to Needs Investigation
in Mobile & Cross Platform SDK
marandaneto
moved this from Needs Investigation
to Backlog
in Mobile & Cross Platform SDK
marandaneto
added
enhancement
|
@mr-africa changing does not hurt either, thanks for reporting. |
4 tasks
|
@marandaneto I submitted a pull request. But I don't know how to test my changes it could you review it and test if possible. |
|
@marandaneto Can I ask one more question. When these changes will be available in sentry-react-native? |
7 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello!
My react native android app was audited by some security company. And they have found an issue in sentry-java codebase. I know it's a weird issue and it's ok to use insecure random not in cipher algorithms. But my employer require to fix these issues.
Could you change please
to
in files:
https://github.com/getsentry/sentry-java/blob/main/sentry/src/main/java/io/sentry/SentryClient.java#L19
and
https://github.com/getsentry/sentry-java/blob/main/sentry/src/main/java/io/sentry/TracesSampler.java#L4
The text was updated successfully, but these errors were encountered: