Code Security Report: 1 total findings

[mend-for-github-com]

Code Security Report

Scan Metadata

Latest Scan: 2024-09-09 10:34am
Total Findings: 1 | New Findings: 0 | Resolved Findings: 0
Tested Project Files: 32
Detected Programming Languages: 1 (JavaScript / TypeScript*)

• Check this box to manually trigger a scan

Finding Details

Severity	Vulnerability Type	CWE	File	Data Flows	Date
Low	Weak Hash Strength	CWE-328	helpers.js:17	1	2024-09-05 09:24am
Vulnerable Code SCA_test_JS/app/compilers/elm-compiler/helpers.js Lines 12 to 17 in 19cb7cb return cleanUpExpression(expr.value) } } const hash = _.memoize(function hash(str) { return crypto.createHash('md5').update(str).digest('hex') 1 Data Flow/s detected SCA_test_JS/app/compilers/elm-compiler/helpers.js Line 17 in 19cb7cb return crypto.createHash('md5').update(str).digest('hex') Secure Code Warrior Training Material ● Training    ▪ Secure Code Warrior Weak Hash Strength Training ● Videos    ▪ Secure Code Warrior Weak Hash Strength Video ● Further Reading    ▪ OWASP Cryptographic Storage Cheat Sheet    ▪ OWASP Transport Layer Protection Cheat Sheet    ▪ OWASP Password Storage Cheat Sheet    ▪ OWASP Using a broken or risky cryptographic algorithm article