CWE-338 Use of Cryptographically Weak PRNG
What this means
SiteShadow flagged use of a non-cryptographic PRNG (for example Math.random() in JavaScript or Python's random module) where security-grade randomness is required (tokens, reset links, session IDs, API keys, nonces).
Why it matters
Non-cryptographic PRNGs are built for speed and statistical quality, not unpredictability: their output can be reconstructed from a small seed or from previously observed outputs (Python's random module is Mersenne Twister, whose full internal state can be recovered from 624 consecutive 32-bit outputs).
- Guessable tokens (password-reset links, session IDs, API keys) lead to account takeover and unauthorized access.
- Broken crypto: predictable nonces or IVs break the guarantees of the modes that depend on them; a repeated nonce in AES-GCM or ChaCha20-Poly1305 leaks plaintext relationships and enables forgery.
- These issues are exploitable at scale: an attacker who recovers the generator state does not guess one token, they compute every token the server will issue next.
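The following is an added example (not part of the original SiteShadow page) showing concretely why a Mersenne Twister based generator is not "secret": it observes 624 outputs of Python's random.getrandbits(32), inverts the output tempering to rebuild the generator state, and then predicts the victim's next values exactly. The constants are the public MT19937 tempering parameters; the function names (temper, untemper, clone_mt, prediction_matches) are this example's own.

```python
import random

MASK32 = 0xFFFFFFFF


def temper(y):
    """MT19937 output tempering, applied to each state word before it is returned."""
    y ^= y >> 11
    y ^= (y << 7) & 0x9D2C5680
    y ^= (y << 15) & 0xEFC60000
    y ^= y >> 18
    return y & MASK32


def untemper(y):
    """Invert temper(): recover the raw state word from one 32-bit output.

    The two right-shift steps and the 15-bit left-shift step are invertible in
    one XOR because the shift distance (or the mask) guarantees the bits they
    depend on are untouched; the 7-bit step needs a few rounds, each round
    fixing the next 7 low-to-high bits.
    """
    y ^= y >> 18
    y ^= (y << 15) & 0xEFC60000
    x = y
    for _ in range(5):
        x = y ^ ((x << 7) & 0x9D2C5680)
    y = x & MASK32
    x = y
    for _ in range(3):
        x = y ^ (x >> 11)
    return x & MASK32


def clone_mt(outputs):
    """Build a random.Random whose state equals the generator that produced `outputs`.

    Requires exactly 624 consecutive getrandbits(32) values. The index 624 in
    the state tuple means the clone, like the victim, will twist (regenerate
    its state block) on the next call.
    """
    if len(outputs) != 624:
        raise ValueError("need exactly 624 consecutive 32-bit outputs")
    state = [untemper(o) for o in outputs]
    clone = random.Random()
    clone.setstate((3, tuple(state + [624]), None))  # version 3 state format
    return clone


def prediction_matches(seed, lookahead=10):
    """Observe 624 outputs from a victim seeded with `seed` (any seed works),
    then check that the clone predicts the next `lookahead` outputs exactly."""
    victim = random.Random(seed)
    observed = [victim.getrandbits(32) for _ in range(624)]
    clone = clone_mt(observed)
    predicted = [clone.getrandbits(32) for _ in range(lookahead)]
    actual = [victim.getrandbits(32) for _ in range(lookahead)]
    return predicted == actual


if __name__ == "__main__":
    print("untemper round-trip ok:", untemper(temper(0xDEADBEEF)) == 0xDEADBEEF)
    print("next 10 outputs predicted:", prediction_matches(seed=2024))
```

The same attack applies to any API layered on the module-level generator (random.random() consumes two state words per call, random.choice() and random.randint() go through getrandbits), only the bookkeeping changes. The secrets module and os.urandom read from the OS CSPRNG, which has no recoverable user-space state.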
Safer examples
1) Use a cryptographically secure RNG (Node + Python)
Node:
import { randomBytes } from "node:crypto";
// 32 random bytes (256 bits), hex-encoded to a 64-character string
const token = randomBytes(32).toString("hex");

Python:
import secrets
# 32 random bytes (256 bits), base64url-encoded to a 43-character string
token = secrets.token_urlsafe(32)
2) Don't use Math.random() / random() for secrets
Math.random() (xorshift128+ in V8) and Python's random module (Mersenne Twister) hold a small, recoverable state and are not seeded from a secure source. They are fine for UI effects, shuffling non-sensitive data and simulations, never for auth tokens, and never as a seed for a secure generator. In the browser use crypto.getRandomValues(); the same split exists in other ecosystems (java.security.SecureRandom vs java.util.Random, Go's crypto/rand vs math/rand).
3) Keep entropy sufficient
Use at least 128 bits of entropy for security tokens: 16 random bytes, which encode to 32 hex or 22 base64url characters. Entropy comes from the random bytes, not the string length, so do not truncate an encoded token to fit a column. If you build a token by picking characters from an alphabet, the entropy is length × log2(alphabet size); a 20-character alphanumeric token is about 119 bits and falls short.
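As an added example for the three points above (not code from the original page), the block below pairs the pattern SiteShadow flags with its replacement, and adds the entropy accounting from point 3: it computes how many characters a given alphabet needs to reach 128 bits, generates a token of exactly that length with the secrets module, and compares presented tokens in constant time. The function names and the default alphabet are this example's own choices.

```python
import math
import random
import secrets

# 62-symbol alphanumeric alphabet, log2(62) ~ 5.95 bits per character
ALPHABET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"


def weak_token(length=20):
    """The pattern CWE-338 describes: Mersenne Twister output used as a secret.
    Kept here only as the 'before' to contrast with make_token()."""
    return "".join(random.choice(ALPHABET) for _ in range(length))


def entropy_bits(alphabet_size, length):
    """Entropy of a token of `length` symbols drawn uniformly from `alphabet_size` symbols."""
    return length * math.log2(alphabet_size)


def min_length(alphabet_size, required_bits=128):
    """Smallest token length that reaches `required_bits` of entropy."""
    return math.ceil(required_bits / math.log2(alphabet_size))


def make_token(required_bits=128, alphabet=ALPHABET):
    """Generate a token with at least `required_bits` of entropy from the OS CSPRNG.
    secrets.choice() is unbiased (rejection sampling), unlike ord(byte) % len(alphabet)."""
    n = min_length(len(alphabet), required_bits)
    return "".join(secrets.choice(alphabet) for _ in range(n))


def token_ok(token, alphabet=ALPHABET, required_bits=128):
    """Check that a token uses only the expected alphabet and is long enough
    to carry `required_bits` of entropy (cannot check how it was generated)."""
    return (all(c in alphabet for c in token)
            and entropy_bits(len(alphabet), len(token)) >= required_bits)


def verify_token(presented, stored):
    """Constant-time comparison so timing does not leak how many leading
    characters of a guess were correct."""
    return secrets.compare_digest(presented.encode(), stored.encode())


if __name__ == "__main__":
    for name, size in (("hex", 16), ("alphanumeric", 62), ("base64url", 64), ("digits", 10)):
        print(f"{name:13s} needs {min_length(size)} characters for 128 bits")
    t = make_token()
    print("secure token:", t, "ok:", token_ok(t))
    print("weak 20-char token carries %.1f bits and is predictable" % entropy_bits(62, 20))
```

A 6-digit one-time code is only about 20 bits; that is acceptable only because it is paired with rate limiting and a short expiry, neither of which rescues a 20-bit bearer token sent in a reset link.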
How SiteShadow detects it (high level)
- Detects weak PRNG APIs used near security-sensitive values and flows.
- Flags "token-like" generation patterns that do not use secure RNGs.
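To make the two bullets above concrete, here is an added, simplified illustration of that kind of check, written for this page and not SiteShadow's implementation. It parses Python source with the standard ast module, resolves `from random import ... as ...` aliases, and reports weak PRNG calls whose result is assigned to a name, or produced inside a function, whose name looks security-sensitive. The sample source, the WEAK_CALLS set and the SENSITIVE word list are constructed for the example.

```python
import ast

# random.* functions whose output is predictable (Mersenne Twister)
WEAK_CALLS = {"random", "randint", "randrange", "choice", "choices",
              "getrandbits", "sample", "uniform"}
# substrings that mark an assignment target or function as "token-like"
SENSITIVE = ("token", "secret", "key", "nonce", "session", "salt",
             "password", "otp", "reset")


def scan(source):
    """Return findings (line, weak call, sensitive context) for `source`."""
    tree = ast.parse(source)

    aliases = {}  # local name -> original random.* function name
    for node in ast.walk(tree):
        if isinstance(node, ast.ImportFrom) and node.module == "random":
            for a in node.names:
                aliases[a.asname or a.name] = a.name

    def weak_call_name(node):
        if not isinstance(node, ast.Call):
            return None
        f = node.func
        if (isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name)
                and f.value.id == "random" and f.attr in WEAK_CALLS):
            return "random." + f.attr
        if isinstance(f, ast.Name) and aliases.get(f.id) in WEAK_CALLS:
            return "random." + aliases[f.id]
        return None

    def sensitive(name):
        n = name.lower()
        return any(w in n for w in SENSITIVE)

    findings = {}
    for node in ast.walk(tree):
        if isinstance(node, ast.FunctionDef):
            names = [node.name]
        elif isinstance(node, ast.Assign):
            names = [t.id for t in node.targets if isinstance(t, ast.Name)]
        else:
            continue
        if not any(sensitive(n) for n in names):
            continue
        # any weak call anywhere inside the sensitive function/assignment
        for sub in ast.walk(node):
            call = weak_call_name(sub)
            if call:
                findings.setdefault(sub.lineno, {
                    "line": sub.lineno, "call": call, "context": names[0]})
    return [findings[k] for k in sorted(findings)]


# Constructed sample: lines 6 and 16 should be flagged, lines 10 and 13 should not.
SAMPLE = """\
import random
import secrets
from random import randint as rnd

def make_session_id():
    session_id = "".join(random.choices("abcdef0123456789", k=32))
    return session_id

def make_api_key():
    return secrets.token_hex(32)

def jitter_ms():
    delay = random.random() * 100  # visual effect, not a secret
    return delay

otp = rnd(100000, 999999)
"""

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f"line {f['line']}: {f['call']} feeds {f['context']} (CWE-338)")
```

A real scanner would track data flow across assignments and calls rather than rely on names, and would cover the other ecosystems' weak APIs; this version shows the shape of the rule, including why alias resolution matters (the `rnd` import would otherwise slip past a regex for `random.`).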
References
- CWE-338: https://cwe.mitre.org/data/definitions/338.html
---