commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Camilo Espitia Manrique (JIRA)" <j...@apache.org>
Subject [jira] [Created] (VFS-551) BUG - Use of a Broken or Risky Cryptographic Algorithm - DefaultCryptor.java
Date Fri, 26 Dec 2014 22:25:13 GMT
David Camilo Espitia Manrique created VFS-551:
-------------------------------------------------

             Summary: BUG - Use of a Broken or Risky Cryptographic Algorithm - DefaultCryptor.java
                 Key: VFS-551
                 URL: https://issues.apache.org/jira/browse/VFS-551
             Project: Commons VFS
          Issue Type: Bug
    Affects Versions: 2.0
            Reporter: David Camilo Espitia Manrique
             Fix For: 2.0


Good day,

We are currently using "Commons-vfs2-2.0" and in the analysis of veracode found this bug in
DefaultCryptor.java (near to the line 52) in this class, used "AES":


Description:

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result
in the disclosure of sensitive information.






--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message