Gax
I've got some suggestions which may be useful and can help make it more secure. 1. The "random.choice()" used [here](https://github.com/crossbario/autobahn-python/blob/master/autobahn/wamp/auth.py#L604) may be considered vulnerable because the "random" module is not...
I've got some questions when browsing the source code. 1. The sha256 [here](https://github.com/lbryio/lbry-sdk/blob/master/lbry/crypto/crypt.py#L19) is used to generate the key from secret. But sha256 itself is not a secure algorithm for...
### System information no ### What is the project operation method? Source Code ### What happened? ## Why you need it? We've identified that the password is hardcoded in the...
### Description ## Why you need it? We've identified that in the file SecuredPasswordEncrypter.java, the encryption key is hardcoded, and vulnerable algorithms DES and 3DES are still in use [here](https://github.com/dbeaver/dbeaver/blob/devel/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/runtime/encode/SecuredPasswordEncrypter.java#L37)....
Hi, I am new to JustAuth, and when I was browsing the code I found in the file `GlobalAuthUtils.java`, `Random` is used to generate the nonce [here](https://github.com/justauth/JustAuth/blob/master/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtils.java#L200). ```java public static...
Hi, I am new to SmartTube, and when I was browsing the code I found some potential risks. 1. Random is used In the file `CachedContentIndex.java` the `Random` is define...
Hello! I'm new to DataX and when I was browsing the code I found some potential cryptographic risks. 1. DES and 3DES used DES is used [here](https://github.com/alibaba/DataX/blob/master/common/src/main/java/com/alibaba/datax/common/util/DESCipher.java#L39) and 3DES is...
1. AES ECB模式使用 AES的ECB模式已经被普遍认为是不安全的,但在代码中仍然在使用。[code](https://github.com/wechatpy/wechatpy/blob/master/wechatpy/crypto/base.py#L34) 3. IV设定 在对IV进行设定时,若IV未给定,会直接从key中进行截取,带来安全隐患。[code](https://github.com/wechatpy/wechatpy/blob/master/wechatpy/crypto/base.py#L28) IV应当通过随机的方式生成。