Scribd
Upload
15 views2 pages

Test Snyk Apuntes

The static code analysis of the project identified 16 code issues, including 10 high severity and 6 low severity problems. Key concerns include the use of insecure MD5 and Rijndael ciphers, as well as hardcoded credentials in multiple instances. Recommendations include switching to a secure hash algorithm and using AES for encryption instead of the insecure ciphers.

Uploaded by

stevegonzax.19
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
15 views2 pages

Test Snyk Apuntes

The static code analysis of the project identified 16 code issues, including 10 high severity and 6 low severity problems. Key concerns include the use of insecure MD5 and Rijndael ciphers, as well as hardcoded credentials in multiple instances. Recommendations include switching to a secure hash algorithm and using AES for encryption instead of the insecure ciphers.

Uploaded by

stevegonzax.19
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

INTERNET DESCONECTADDO

message:
Testing D:\Fuentes\Common Assemblies...

✗ [Low] Use of Password Hash With Insufficient Computational Effort


Path: cTripleDESCrypto.cs, line 19
Info: The MD5 hash (used by
global::System.Security.Cryptography.MD5CryptoServiceProvider) is insecure.
Consider changing it to a secure hash algorithm.

✗ [Low] Use of Password Hash With Insufficient Computational Effort


Path: cTripleDESCrypto.cs, line 47
Info: The MD5 hash (used by
global::System.Security.Cryptography.MD5CryptoServiceProvider) is insecure.
Consider changing it to a secure hash algorithm.

✗ [Low] Use of Hardcoded Credentials


Path: cTripleDESCrypto.cs, line 75
Info: Do not hardcode credentials in code. Found hardcoded credential used in
secret key variable declaration.

✗ [Low] Use of Hardcoded Credentials


Path: cTripleDESCrypto.cs, line 105
Info: Do not hardcode credentials in code. Found hardcoded credential used in
secret key variable declaration.

✗ [Low] Use of Hardcoded Credentials


Path: cTripleDESCrypto.cs, line 136
Info: Do not hardcode credentials in code. Found hardcoded credential used in
secret key variable declaration.

✗ [Low] Use of Hardcoded Credentials


Path: cTripleDESCrypto.cs, line 162
Info: Do not hardcode credentials in code. Found hardcoded credential used in
secret key variable declaration.

✗ [High] Use of a Broken or Risky Cryptographic Algorithm


Path: AESClass.cs, line 24
Info: The Rijndael cipher is insecure. Consider using AES instead.

✗ [High] Use of a Broken or Risky Cryptographic Algorithm


Path: AESClass.cs, line 66
Info: The Rijndael cipher is insecure. Consider using AES instead.

✗ [High] Use of a Broken or Risky Cryptographic Algorithm


Path: AESClass.cs, line 113
Info: The Rijndael cipher is insecure. Consider using AES instead.

✗ [High] Use of a Broken or Risky Cryptographic Algorithm


Path: AESClass.cs, line 159
Info: The Rijndael cipher is insecure. Consider using AES instead.

✗ [High] Use of a Broken or Risky Cryptographic Algorithm


Path: cTripleDESCrypto.cs, line 18
Info: The Triple DES cipher is insecure. Consider using AES instead.

✗ [High] Use of a Broken or Risky Cryptographic Algorithm


Path: cTripleDESCrypto.cs, line 46
Info: The Triple DES cipher is insecure. Consider using AES instead.

✗ [High] Use of a Broken or Risky Cryptographic Algorithm


Path: cTripleDESCrypto.cs, line 77
Info: The Triple DES cipher is insecure. Consider using AES instead.

✗ [High] Use of a Broken or Risky Cryptographic Algorithm


Path: cTripleDESCrypto.cs, line 106
Info: The Triple DES cipher is insecure. Consider using AES instead.

✗ [High] Use of a Broken or Risky Cryptographic Algorithm


Path: cTripleDESCrypto.cs, line 137
Info: The Triple DES cipher is insecure. Consider using AES instead.

✗ [High] Use of a Broken or Risky Cryptographic Algorithm


Path: cTripleDESCrypto.cs, line 163
Info: The Triple DES cipher is insecure. Consider using AES instead.

✔ Test completed

Organization: XXXXXXX
Test type: Static code analysis
Project path: D:\Fuentes\Common Assemblies\CryptoDoNet

Summary:

16 Code issues found


10 [High] 6 [Low]

You might also like