Application Uses Insecure Encryption Mechanisms Static analysis revealed the presence of cryptographically weak encryption algorithms. #3644
Labels
question
General question
Comments
github-actions
bot
added
pending-triage
|
Can you provide the report that claims this? |
github-actions
bot
removed
the
pending-maintainer-response
|
BSI organisation tested our app and they raised the issue in your sdk that you using weak encryption so I reported here |
github-actions
bot
added
the
pending-maintainer-response
|
Can you please provide detailed analysis to the team so that we can investigate further (as also requested above)?
The current information we have is not enough for us to further look into the issue. |
github-actions
bot
removed
the
pending-maintainer-response
|
@spdeol20 Specifically when we've seen reports like this, it comes with the report that specifically calls out the class in question with an explanation of what the possible issue would be. The SDKs for Cognito and AppSync are large so we need more details in order to investigate. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Application Uses Insecure Encryption Mechanisms Static analysis revealed the presence of cryptographically weak encryption algorithms.
"RSA/ECB/PKCS1Padding";
The text was updated successfully, but these errors were encountered: