Description
The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leveraging knowledge of random strings obtained in an earlier process with the same PID.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.x.x Information Disclosure (3.0.0 - 3.9.19)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-7833)
WordPress 4.3.x Denial of Service Vulnerability (4.3 - 4.3.15)
WordPress Plugin Fast Secure Contact Form 'index.php' Cross-Site Scripting (3.0.3.1)