Usage of insufficient random value | Sec1

Products Book A Demo Contact Us

Overview

Rule ID: java_lang_insufficiently_random_values
Applicable Languages: Java
Weakness ID: CWE-330

Description

Employing predictable random values undermines application security, especially when these values are used for security-sensitive purposes.

Remediation Guidelines

Do utilize a robust library for generating random values to enhance security.
```
SecureRandom random = new SecureRandom();
```

References

Configuration