GMS-2017-126: Random Token based off Math.random()

April 14, 2017

The OAuth Random Token is generated using a non-cryptographically strong RNG (Math.random()).

References

github.com/tableflip/react-native-meteor-oauth/blob/a7eb738b74c469f5db20296b44b7cae4e2337435/src/meteor-oauth.js

Code Behaviors & Features

Detect and mitigate GMS-2017-126 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →