Affecting cryptiles package, versions <4.1.2
cryptiles is a package for general crypto utilities.
Affected versions of this package are vulnerable to Insecure Randomness. The
randomDigits() method is supposed to return a cryptographically strong pseudo-random data string, but it was biased to certain digits. An attacker could be able to guess the created digits.
Upgrade to version 4.1.2 and higher.