gitlab.gosec.G501-1

The MD5 message-digest algorithm has been cryptographically broken and is unsuitable for further use. It is recommended that the SHA-3 or BLAKE2 family of algorithms be used for non-password-based cryptographic hashes instead. For password-based cryptographic hashes, consider using the bcrypt or Argon2 family of cryptographic hashes.

Definition

rules:
  - id: gosec.G501-1
    patterns:
      - pattern: |
          import "crypto/md5"
    message: >
      The MD5 message-digest algorithm has been cryptographically broken and is
      unsuitable for further use. It is recommended that the SHA-3, or BLAKE2
      family of algorithms be used for non-password based cryptographic hashes
      instead. For password based cryptographic hashes, consider using the
      bcrypt or Argon2 family of cryptographic hashes.
    metadata:
      cwe: "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
      owasp: "A9: Using Components with Known Vulnerabilities"
      primary_identifier: gosec.G501-1
      secondary_identifiers:
        - name: Gosec Rule ID G501
          type: gosec_rule_id
          value: G501
      license: MIT
    severity: WARNING
    languages:
      - go
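
The pattern above keys on the import of crypto/md5 itself rather than on any particular call. The following added example (not part of this rule or of Semgrep) approximates that check with the standard go/parser package; FindMD5Imports, Finding and the sample source are hypothetical names and constructed input, and this sketch reports the import whether or not it is aliased.

```go
package main

import (
	"fmt"
	"go/parser"
	"go/token"
	"strconv"
)

// Finding is one import of crypto/md5 in a parsed file.
type Finding struct {
	Line  int    // 1-based line of the import spec
	Alias string // "" when the import has no explicit name
}

// FindMD5Imports parses only the import clause of src and reports
// every import whose path is exactly "crypto/md5".
func FindMD5Imports(filename, src string) ([]Finding, error) {
	fset := token.NewFileSet()
	f, err := parser.ParseFile(fset, filename, src, parser.ImportsOnly)
	if err != nil {
		return nil, err
	}
	var out []Finding
	for _, imp := range f.Imports {
		path, err := strconv.Unquote(imp.Path.Value)
		if err != nil || path != "crypto/md5" {
			continue
		}
		fd := Finding{Line: fset.Position(imp.Pos()).Line}
		if imp.Name != nil {
			fd.Alias = imp.Name.Name
		}
		out = append(out, fd)
	}
	return out, nil
}

// Constructed sample input: a file importing crypto/md5 under an alias.
const sample = "package demo\n\nimport (\n\t\"crypto/sha256\"\n\tlegacy \"crypto/md5\"\n)\n"

func main() {
	findings, err := FindMD5Imports("demo.go", sample)
	if err != nil {
		panic(err)
	}
	for _, fd := range findings {
		fmt.Printf("demo.go:%d: import of crypto/md5 (alias %q)\n", fd.Line, fd.Alias)
	}
}
```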