Vision UI · CVE-2025-54884
**Name of the Vulnerable Software and Affected Versions**
Vision UI versions 1.4.0 and below
**Description**
The `generateSecureId` and `getSecureRandomInt` functions within the `security-kit` component (versions prior to 3.5.0, packaged in Vision UI 1.4.0 and below) are susceptible to Denial of Service (DoS) attacks. The `generateSecureId(length)` function directly utilizes the `length` parameter to determine the size of a `Uint8Array` buffer. This allows attackers to deplete server memory by repeatedly requesting large IDs. The `getSecureRandomInt(min, max)` function calculates buffer size based on the range between `min` and `max`, and large ranges can lead to excessive memory allocation and CPU-intensive rejection-sampling loops, potentially causing thread hangs.
**Recommendations**
Update to Vision UI version 1.5.0 or later.
Update the `security-kit` component to version 3.5.0 or later.