CVEs-PoC/2021/CVE-2021-4238.md

### [CVE-2021-4238](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4238)
![](https://img.shields.io/static/v1?label=Product&message=github.com%2FMasterminds%2Fgoutils&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE%20330%3A%20Use%20of%20Insufficiently%20Random%20Values&color=brightgreen)

### Description

Randomly-generated alphanumeric strings contain significantly less entropy than expected. The RandomAlphaNumeric and CryptoRandomAlphaNumeric functions always return strings containing at least one digit from 0 to 9. This significantly reduces the amount of entropy in short strings generated by these functions.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/drpaneas/goguard
- https://github.com/seal-community/patches