You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello guys.
Time-to-time we perform a Veracode security scan of our project compiled artifacts.
In addition to our code analysis, it also checks used 3rd-party libraries as well.
The latest scan has identified several security issues related to pubnub-gson-6.4.1.jar
I would be grateful for your opinion on this.
Here is the list of findings:
CWE-327, Use of a Broken or Risky Cryptographic Algorithm (Medium severity):
Hello guys.
Time-to-time we perform a Veracode security scan of our project compiled artifacts.
In addition to our code analysis, it also checks used 3rd-party libraries as well.
The latest scan has identified several security issues related to pubnub-gson-6.4.1.jar
I would be grateful for your opinion on this.
Here is the list of findings:
CWE-327, Use of a Broken or Risky Cryptographic Algorithm (Medium severity):
Looks like both lines instantiate the class IvParameterSpec which is considered unsafe.
I would be glad to know what you think of it.
Thank you in advance.
The text was updated successfully, but these errors were encountered: