ajinabraham.njsscan.crypto_node.node_aes_ecb

ajinabraham

Author

1,155

Download Count*

GPLv3

License

AES with ECB mode is deterministic in nature and not suitable for encrypting large amount of repetitive data.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: node_aes_ecb
    patterns:
      - pattern-either:
          - pattern: |
              $X.createCipheriv("=~/^aes-([0-9]+)-ecb$/i", ...)
          - pattern: |
              $X.createDecipheriv("=~/^aes-([0-9]+)-ecb$/i", ...)
    message: AES with ECB mode is deterministic in nature and not suitable for
      encrypting large amount of repetitive data.
    languages:
      - javascript
    severity: ERROR
    metadata:
      owasp-web: a9
      cwe: cwe-327
      license: LGPL-3.0-or-later

Short Link: https://sg.run/2x38