The software uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
