Do not use insecure functions
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
ID: python-security/insecure-hash-functions
Language: Python
Severity: Warning
Category: Security
CWE: 327
Description
Do not use a broken or risky cryptographic algorithm. This exposes you to unwanted attacks.
It checks the following modules
Learn More
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
- CWE-328 - Use of Weak Hash
Non-Compliant Code Examples
from cryptography.hazmat.primitives import hashes
digest = hashes.Hash(hashes.MD5())
from cryptography.hazmat.primitives import hashes
digest = hashes.Hash(hashes.MD5())
import hashlib
hashlib.new('md5')
hashlib.new('md4')
hashlib.md5("bla");
Seamless integrations. Try Datadog Code Analysis