mirror of
https://github.com/github/codeql.git
synced 2025-12-17 01:03:14 +01:00
22 lines
724 B
Plaintext
22 lines
724 B
Plaintext
/**
|
|
* @name Use of a broken or weak cryptographic algorithm
|
|
* @description Using broken or weak cryptographic algorithms can compromise security.
|
|
* @kind path-problem
|
|
* @problem.severity warning
|
|
* @security-severity 7.5
|
|
* @precision high
|
|
* @id go/weak-crypto-algorithm
|
|
* @tags security
|
|
* external/cwe/cwe-327
|
|
* external/cwe/cwe-328
|
|
*/
|
|
|
|
import go
|
|
import WeakCryptoAlgorithmCustomizations
|
|
import WeakCryptoAlgorithm::Flow::PathGraph
|
|
|
|
from WeakCryptoAlgorithm::Flow::PathNode source, WeakCryptoAlgorithm::Flow::PathNode sink
|
|
where WeakCryptoAlgorithm::Flow::flowPath(source, sink)
|
|
select sink.getNode(), source, sink, "$@ is used in a weak cryptographic algorithm.",
|
|
source.getNode(), "Sensitive data"
|