Agontuk / react-native-geolocation-service

React native geolocation service for iOS and android
https://www.npmjs.com/package/react-native-geolocation-service
MIT License

Usage of Insecure random generator (Instances of java.util.Random) found in Testing. #435

Open yugalOneStack opened 3 months ago

yugalOneStack commented 3 months ago

Environment

    OS: macOS 14.3.1
    CPU: (8) arm64 Apple M3
    Memory: 76.84 MB / 8.00 GB
    Shell: 5.9 - /bin/zsh
  Binaries:
    Node: 21.6.1 - /opt/homebrew/bin/node
    Yarn: 1.22.21 - /opt/homebrew/bin/yarn
    npm: 10.2.4 - /opt/homebrew/bin/npm
    Watchman: 2024.01.22.00 - /opt/homebrew/bin/watchman
  Managers:
    CocoaPods: 1.15.2 - /opt/homebrew/bin/pod
  SDKs:
    iOS SDK:
      Platforms: DriverKit 23.2, iOS 17.2, macOS 14.2, tvOS 17.2, visionOS 1.0, watchOS 10.2
    Android SDK: Not Found
  IDEs:
    Android Studio: 2023.1 AI-231.9392.1.2311.11330709
    Xcode: 15.2/15C500b - /usr/bin/xcodebuild
  Languages:
    Java: 17.0.10 - /usr/bin/javac
  npmPackages:
    @react-native-community/cli: Not Found
    react: 18.1.0 => 18.1.0
    react-native: 0.70.6 => 0.70.6
    react-native-macos: Not Found
  npmGlobalPackages:
    react-native: Not Found

Platforms

Android

Versions

Please add the used versions/branches

Description

In testing we found an issue:

Instances of java.util.Random were found, and it is not cryptographically secure. Consider instead using SecureRandom to get a cryptographically secure pseudo-random number generator.

It has been identified that the app is using instances of java.util.Random in the Java files mentioned below.

FusedLocationProvider.java
bb/o.java
dd/b0.java
o1/a.java
rd/d.java
rd/h.java
uc/a.java
uc/b.java
vc/a.java

Expected Results

Using SecureRandom to get a cryptographically secure pseudo-random number generator.
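
The contrast this finding draws, as an added example (not code from the issue author or from react-native-geolocation-service): a java.util.Random value is fully determined by its seed, while SecureRandom draws from the platform CSPRNG. The class name, method names and seed value are hypothetical and constructed for illustration.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Random;

// Added illustration: all names here are hypothetical, not from the project.
public class RandomFindingDemo {

    // Flagged pattern: java.util.Random is a linear congruential generator
    // with 48 bits of state. Its whole output stream is a function of the
    // seed, so it is unsuitable for tokens, keys, nonces or other secrets.
    static String weakToken(long seed) {
        byte[] buf = new byte[16];
        new Random(seed).nextBytes(buf);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(buf);
    }

    // Hardened form: one shared SecureRandom instance (thread-safe),
    // seeded by the platform rather than by the caller.
    private static final SecureRandom CSPRNG = new SecureRandom();

    static String strongToken() {
        byte[] buf = new byte[16]; // 128 bits of unpredictable output
        CSPRNG.nextBytes(buf);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(buf);
    }

    // Replacement for call sites of the form `new Random().nextInt(bound)`.
    // SecureRandom extends Random, so the method signature is unchanged.
    static int strongInt(int bound) {
        return CSPRNG.nextInt(bound);
    }

    public static void main(String[] args) {
        long seed = 1700000000000L; // constructed sample seed

        // Same seed, same "random" token: the value is reproducible by
        // anyone who learns or guesses the seed.
        boolean weakRepeats = weakToken(seed).equals(weakToken(seed));
        // Two CSPRNG draws of 128 bits are independent of each other.
        boolean strongRepeats = strongToken().equals(strongToken());

        System.out.println("java.util.Random token repeats for equal seed: " + weakRepeats);
        System.out.println("SecureRandom token repeats: " + strongRepeats);
        System.out.println("bounded CSPRNG int in [0, 10000): " + strongInt(10000));
    }
}
```

Whether a flagged call site needs this change depends on what the value is used for: the replacement matters where the output must be unpredictable to another party.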