PT-2022-16013 · Python · Random+1

Arjun Sharda +1 · Published 2022-12-06 · Updated 2022-12-08 · CVE-2022-23472

CVSS v4.0: 8.2 High

Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

Passeo versions prior to 1.0.5

Description

Passeo is an open source Python password generator. In versions prior to 1.0.5 it relies on the Python random library for random value selection. The random library is not suitable for security purposes because its random number generator is not cryptographically secure, which may allow a motivated attacker to guess generated passwords.

Recommendations

Upgrade to version 1.0.5, which addresses this issue by using the secrets library. It is also recommended to change any passwords generated with Passeo versions prior to 1.0.5.
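
The difference between the two libraries, as an added example that is not Passeo's code and not part of the original advisory; the function names and the alphabet are hypothetical. `replay_from_state` shows that output drawn from `random` is fully determined by the generator's internal state, and `random_module_imports` is a review check that reports where a source file imports `random`.

```python
import ast
import random
import secrets
import string

# Constructed alphabet for this example; not taken from Passeo.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def weak_password(length, rng=random):
    """Pattern the advisory describes: characters picked with `random`."""
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def strong_password(length):
    """Pattern of the fix: characters picked with `secrets` (OS CSPRNG)."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def replay_from_state(state, length):
    """Reproduce weak_password() output from a copy of the generator state."""
    clone = random.Random()
    clone.setstate(state)
    return weak_password(length, rng=clone)


def random_module_imports(source):
    """Return the line numbers where `random` is imported, for code review."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            if any(alias.name == "random" for alias in node.names):
                hits.append(node.lineno)
        elif isinstance(node, ast.ImportFrom) and node.module == "random":
            hits.append(node.lineno)
    return sorted(hits)


if __name__ == "__main__":
    state = random.getstate()          # snapshot before generating
    print("weak     :", weak_password(16))
    print("replayed :", replay_from_state(state, 16))  # identical string
    print("strong   :", strong_password(16))
    # Constructed sample source to run the review check against.
    sample = "import string\nimport random\nfrom random import choice\n"
    print("random imported on lines:", random_module_imports(sample))
```

`secrets` exposes no state or seed to snapshot, so there is no equivalent of `replay_from_state` for `strong_password`.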

Related Identifiers

CVE-2022-23472
GHSA-MHHF-VGWH-FW9H
PYSEC-2022-42997

Affected Products

Random
Secrets