gitlab.gosec.G502-1

unknown

Download Count*

License

Usage of a cryptographically broken primitive has been detected. It is recommended that ChaCha20 or Advanced Encryption Standard (AES) be used instead.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: gosec.G502-1
    patterns:
      - pattern: |
          import "crypto/des"
    message: >
      Usage of a cryptographically broken primitive has been detected. It is
      recommended that 

      ChaCha20 or Advanced Encryption Standard (AES) be used instead.
    metadata:
      cwe: "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
      owasp: "A9: Using Components with Known Vulnerabilities"
      primary_identifier: gosec.G502-1
      secondary_identifiers:
        - name: Gosec Rule ID G502
          type: gosec_rule_id
          value: G502
      license: MIT
    severity: WARNING
    languages:
      - go

Short Link: https://sg.run/Q95q