Comment by jbverschoor
21 hours ago
https://github.com/uuidjs/uuid/blob/e1f42a354593093ba0479f0b...
became
https://github.com/uuidjs/uuid/blob/f2c235f93059325fa43e1106...
Welp.. time to patch and update everything again. Another day, another npm-package headache. Very odd()
Attack vector: call the rng(), and send the result somewhere. You now have now overwritten someone elses "random number" and know about it. The fun things you can do with those numbers!
Seems to be "safe" because of it's not exported, and the results get used in a different way. Still is a bug in my book.