Title: [Java] CWE-326: Query to detect weak encryption with an insufficient key size · Issue #229 · github/securitylab · GitHub
Open Graph Title: [Java] CWE-326: Query to detect weak encryption with an insufficient key size · Issue #229 · github/securitylab
X Title: [Java] CWE-326: Query to detect weak encryption with an insufficient key size · Issue #229 · github/securitylab
Description: CVE ID(s) List the CVE ID(s) associated with this vulnerability. GitHub will automatically link CVE IDs to the GitHub Advisory Database. Report Describe the vulnerability. Provide any information you think will help GitHub assess the imp...
Open Graph Description: CVE ID(s) List the CVE ID(s) associated with this vulnerability. GitHub will automatically link CVE IDs to the GitHub Advisory Database. Report Describe the vulnerability. Provide any information y...
X Description: CVE ID(s) List the CVE ID(s) associated with this vulnerability. GitHub will automatically link CVE IDs to the GitHub Advisory Database. Report Describe the vulnerability. Provide any information y...
Opengraph URL: https://github.com/github/securitylab/issues/229
X: @github
Domain: github.com
{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"[Java] CWE-326: Query to detect weak encryption with an insufficient key size","articleBody":"## CVE ID(s)\r\n\r\n*List the CVE ID(s) associated with this vulnerability. GitHub will automatically link CVE IDs to the [GitHub Advisory Database](https://github.com/advisories).*\r\n\r\n## Report\r\n\r\n*Describe the vulnerability. Provide any information you think will help GitHub assess the impact your query has on the open source community.*\r\n\r\nStrength of cryptographic algorithms depends on a sufficient key size to be robust against brute-force attacks. A theoretically sound encryption scheme with an insufficient key size can still be subjected to brute force attacks that have a reasonable chance of succeeding using current attack methods and resources.\r\n\r\nThis type of issues is categorized as [CWE-326: Inadequate Encryption Strength](https://cwe.mitre.org/data/definitions/326.html).\r\n\r\nThe relevant query finds uses of strong encryption algorithms (AES, DSA, RSA, and EC) with too small a key size. \r\n\r\nRelevant PR - [#4926](https://github.com/github/codeql/pull/4926)\r\n\r\n- [x] Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc). *We would love to have you spread the word about the good work you are doing*\r\n\r\n## Result(s)\r\n\r\n*Provide at least one useful result found by your query, on some revision of a real project.*\r\n\r\n- [rajsankar143/webbased2-alert](https://github.com/rajsankar143/webbased2-alert)\r\n","author":{"url":"https://github.com/luchua-bc","@type":"Person","name":"luchua-bc"},"datePublished":"2021-01-07T21:42:46.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":9},"url":"https://github.com/229/securitylab/issues/229"}
| route-pattern | /_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format) |
| route-controller | voltron_issues_fragments |
| route-action | issue_layout |
| fetch-nonce | v2:30e99109-044e-c001-70ca-bad16d898a2c |
| current-catalog-service-hash | 81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114 |
| request-id | E2FA:2AF931:264EA7:377C7B:6A4D0A1C |
| html-safe-nonce | a9bc07be9c8384103107812e84b3667d2038fb3a304b71bc77382268ad045a62 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJFMkZBOjJBRjkzMToyNjRFQTc6Mzc3QzdCOjZBNEQwQTFDIiwidmlzaXRvcl9pZCI6IjU1ODc2Njc5NDE4MDc5NTAzNjQiLCJyZWdpb25fZWRnZSI6ImlhZCIsInJlZ2lvbl9yZW5kZXIiOiJpYWQifQ== |
| visitor-hmac | abe0b05b821fce6fa1a5313f72c4231c29cd194193c0122ac8cdda86f8962fa7 |
| hovercard-subject-tag | issue:781630096 |
| github-keyboard-shortcuts | repository,issues,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/github/securitylab/229/issue_layout |
| twitter:image | https://opengraph.githubassets.com/7ec4f19ad3f10c2d4dcf791e06599dd83315dfac56671cbeb5092c01b89c5f60/github/securitylab/issues/229 |
| twitter:card | summary_large_image |
| og:image | https://opengraph.githubassets.com/7ec4f19ad3f10c2d4dcf791e06599dd83315dfac56671cbeb5092c01b89c5f60/github/securitylab/issues/229 |
| og:image:alt | CVE ID(s) List the CVE ID(s) associated with this vulnerability. GitHub will automatically link CVE IDs to the GitHub Advisory Database. Report Describe the vulnerability. Provide any information y... |
| og:image:width | 1200 |
| og:image:height | 600 |
| og:site_name | GitHub |
| og:type | object |
| og:author:username | luchua-bc |
| hostname | github.com |
| expected-hostname | github.com |
| None | 31e4db13a9e20081f2fac78f441659a6576e582bbb15e153f9c7fb6473aa29f5 |
| turbo-cache-control | no-preview |
| go-import | github.com/github/securitylab git https://github.com/github/securitylab.git |
| octolytics-dimension-user_id | 9919 |
| octolytics-dimension-user_login | github |
| octolytics-dimension-repository_id | 221101274 |
| octolytics-dimension-repository_nwo | github/securitylab |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 221101274 |
| octolytics-dimension-repository_network_root_nwo | github/securitylab |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | false |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | fb70bd3c4b2bec429781b65419e912c66e2d5581 |
| ui-target | canary-2 |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width