Make WordPress Core

Opened 8 months ago

#59239 new defect (bug)

wp_generate_uuid4 collisions

Reported by: joppuyo's profile joppuyo Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: General Keywords:
Focuses: Cc:

Description

It seems like wp_generate_uuid4() is prone to creating UUID collisions, since it internally uses mt_rand, which uses a 32-bit seed. When this seed repeats, it will generate the same UUID twice. Maybe it should be updated to use wp_rand instead which uses random_int so it's backed by a real CSPRNG?

Change History (0)

Note: See TracTickets for help on using tickets.