Barryvdh

**Name of the Vulnerable Software and Affected Versions** Magento 2 (affected versions not specified) **Description** The issue concerns the generation of a random number for the initialization vector in the ` construct` function, located in Framework/Encryption/Crypt.php. This function utilizes the PHP `rand` function, which can make it easier for remote attackers to guess the value and defeat cryptographic protection mechanisms. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.