[DepShield] (CVSS 5.9) Vulnerability due to usage of golang.org/x:crypto:0.0.0-20181203042331-505ab145d0a9

**Vulnerabilities**

DepShield reports that this application's usage of [golang.org/x:crypto:0.0.0-20181203042331-505ab145d0a9](https://ossindex.sonatype.org/component/pkg:golang/golang.org/x/crypto@0.0.0-20181203042331-505ab145d0a9) results in the following vulnerability(s):

- (CVSS **5.9**) [[CVE-2019-11840]  Use of Insufficiently Random Values](https://ossindex.sonatype.org/vuln/5121f5ff-9831-44a6-af2e-24f7301d1df7)

<hr />

**Occurrences**

golang.org/x:crypto:0.0.0-20181203042331-505ab145d0a9 is a transitive dependency introduced by the following direct dependency(s):

• **[github.com/spf13:viper:1.3.2](https://ossindex.sonatype.org/component/pkg:golang/github.com/spf13/viper@1.3.2)**
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;└─ [golang.org/x:crypto:0.0.0-20181203042331-505ab145d0a9](https://ossindex.sonatype.org/component/pkg:golang/golang.org/x/crypto@0.0.0-20181203042331-505ab145d0a9)

<sub>This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for [personal](https://help.github.com/articles/managing-your-personal-account-s-apps/) and [organization](https://help.github.com/articles/managing-your-organization-s-apps/) accounts. Please submit questions or feedback about DepShield to the [Sonatype DepShield Community](https://community.sonatype.com/c/depshield).</sub>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[DepShield] (CVSS 5.9) Vulnerability due to usage of golang.org/x:crypto:0.0.0-20181203042331-505ab145d0a9 #36

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[DepShield] (CVSS 5.9) Vulnerability due to usage of golang.org/x:crypto:0.0.0-20181203042331-505ab145d0a9 #36

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions