OneSignal-iOS-SDK icon indicating copy to clipboard operation
OneSignal-iOS-SDK copied to clipboard

Published 20 hours ago verified publisher icon OneSignal

[question]: Security Concern: Use of SHA1/MD5

Open remithaunay opened this issue 9 months ago • 3 comments

How can we help?

Hello,

SHA1 and MD5 are considered weak cryptographic algorithms, and a recent penetration test revealed their use. Upon investigation, it appears they are used in the OneSignal-iOS-SDK.

Could you clarify how these algorithms are used and why their usage does not pose a security risk?

Thanks!

Code of Conduct

  • [x] I agree to follow this project's Code of Conduct

remithaunay avatar Feb 26 '25 15:02 remithaunay