CVE-2021-29499HIGH≥ 0, < 1.2.32021-05-18
CVE-2021-29499 [HIGH] CWE-330 Predictable SIF UUID Identifiers in github.com/sylabs/sif
Predictable SIF UUID Identifiers in github.com/sylabs/sif
### Impact
The `siftool new` command and [func siftool.New()](https://pkg.go.dev/github.com/sylabs/sif/pkg/siftool#New) produce predictable UUID identifiers due to insecure randomness in the version of the `github.com/satori/go.uuid` module used as a dependency.
### Patches
A patch is available in version >= v1.2.3 of the module. Users are encourag
ghsaosv