punisherVX
commented
5 years ago Removed portal code and tested. No problems found.
This is fixed in b6899ecc539edbed9bbc9b3f1de0918050a92b74
Closed punisherVX closed 5 years ago
punisherVX
commented
5 years ago Removed portal code and tested. No problems found.
This is fixed in b6899ecc539edbed9bbc9b3f1de0918050a92b74
The example code for portals is not, and has never been, used. It has added most of the bulk since the javascript libraries are huge. Plus, there are some low-priority security concerns associated with randomatic being used.
CVE-2017-16028 low severity
Vulnerable versions: < 3.0.0 Patched version: 3.0.0 react-native-meteor-oauth is a library for Oauth2 login to a Meteor server in React Native. The oauth Random Token is generated using a non-cryptographically strong RNG (Math.random()).