Rpicardo

**Name of the Vulnerable Software and Affected Versions** Lemur version 0.1.4 **Description** The issue is related to insufficient entropy in the initialization vector (IV) when encrypting AES in CBC mode. **Recommendations** For version 0.1.4, consider updating to a version that properly implements sufficient entropy in its IV for AES encryption in CBC mode. At the moment, there is no information about a newer version that contains a fix for this vulnerability.