Python: Add CWE-328 to py/weak-sensitive-data-hashing

Reading over the description at https://cwe.mitre.org/data/definitions/328.html: > The product uses a hashing algorithm that produces a hash value that can be used to determine the original input, or to find an input that can produce the same hash, more efficiently than brute force techniques. For the data that does not require computationally expensive hashing, that will be the exactly problems that this query finds 👍 (that is, MD5, SHA1)
2025-12-18 01:33:15 +01:00 · 2021-08-25 10:19:22 +02:00
parent abdf993e47
commit 605bd19306
1 changed files with 1 additions and 0 deletions
--- a/python/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql
+++ b/python/ql/src/Security/CWE-327/WeakSensitiveDataHashing.ql
@@ -8,6 +8,7 @@
 * @id py/weak-sensitive-data-hashing
 * @tags security
 *       external/cwe/cwe-327
+ *       external/cwe/cwe-328
 *       external/cwe/cwe-916
 */