gitlab.bandit.B303-5

Detected MD5 hash algorithm which is considered insecure. MD5 is not collision resistant and is therefore not suitable as a cryptographic signature. Use SHA256 or SHA3 instead.

Definition

rules:
  - id: bandit.B303-5
    patterns:
      - pattern-either:
          - pattern: Crypto.Hash.MD5.new(...)
          - pattern: Cryptodome.Hash.MD5.new(...)
    message: |
      Detected MD5 hash algorithm which is considered insecure. MD5 is not
      collision resistant and is therefore not suitable as a cryptographic
      signature. Use SHA256 or SHA3 instead.
    metadata:
      cwe: CWE-327
      shortDescription: Use of a Broken or Risky Cryptographic Algorithm
      owasp: A3:2017-Sensitive Data Exposure
      primary_identifier: bandit.B303-5
      secondary_identifiers:
        - name: Bandit Test ID B303
          type: bandit_test_id
          value: B303
      license: MIT
    severity: WARNING
    languages:
      - python
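
An added example, not part of the rule page and not Semgrep's matcher: a standard-library `ast` check that approximates which call forms the two patterns above target, run over a constructed sample that also contains the SHA256 replacement the message recommends. The names `find_md5_calls`, `dotted` and `SAMPLE` are invented here, and treating import aliases as equivalent to the fully qualified name is an assumption of this sketch.

```python
import ast

# Fully qualified call targets taken from the rule's two patterns.
FLAGGED = {"Crypto.Hash.MD5.new", "Cryptodome.Hash.MD5.new"}

def dotted(node, aliases):
    """Resolve a Name/Attribute chain to a dotted path, expanding import aliases."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if not isinstance(node, ast.Name):
        return None  # e.g. a call on a subscript or another call's result
    parts.append(aliases.get(node.id, node.id))
    return ".".join(reversed(parts))

def find_md5_calls(source):
    """Return sorted line numbers of calls that resolve to a flagged MD5 constructor."""
    tree = ast.parse(source)
    aliases = {}
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                if a.asname:  # import Crypto.Hash.MD5 as m
                    aliases[a.asname] = a.name
        elif isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
            for a in node.names:  # from Crypto.Hash import MD5 [as x]
                aliases[a.asname or a.name] = f"{node.module}.{a.name}"
    return sorted(
        n.lineno for n in ast.walk(tree)
        if isinstance(n, ast.Call) and dotted(n.func, aliases) in FLAGGED
    )

# Constructed sample source; it is parsed only, never executed.
SAMPLE = '''\
from Crypto.Hash import MD5, SHA256
from Cryptodome.Hash import MD5 as LegacyHash
import Crypto.Hash.MD5

weak_a = MD5.new(b"payload")
weak_b = LegacyHash.new(b"payload")
weak_c = Crypto.Hash.MD5.new(b"payload")
ok = SHA256.new(b"payload")
'''

if __name__ == "__main__":
    print(find_md5_calls(SAMPLE))
```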