CVE-2017-16028

Name of the Vulnerable Software and Affected Versions: react-native-meteor-oauth (affected versions not specified) randomatic versions prior to 3.0.0

Description: The issue concerns the generation of random values using a non-cryptographically strong pseudo-random number generator, which may result in predictable values instead of random values as intended. This affects the oauth Random Token generation in react-native-meteor-oauth and the random values generated by randomatic.

Recommendations: For react-native-meteor-oauth, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For randomatic versions prior to 3.0.0, update to version 3.0.0 or later.