hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

State that ruby broken crypto algo doesn't deal with hashing

Browse Source
This commit is contained in:
Owen Mansel-Chan
2025-10-08 14:05:00 +01:00
parent 2918d30697
commit 90db349f4b
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ruby/ql/src/queries/security/cwe-327/BrokenCryptoAlgorithm.qhelp
View File

@@ -13,6 +13,12 @@
algorithm means that encrypted or hashed data is less algorithm means that encrypted or hashed data is less
secure than it appears to be. secure than it appears to be.
</p> </p>
<p>
This query alerts on any use of a weak cryptographic algorithm, that is
not a hashing algorithm. Use of broken or weak cryptographic hash
functions are handled by the
<code>rb/weak-sensitive-data-hashing</code> query.
</p>
</overview> </overview>
<recommendation> <recommendation>
<p> <p>