CodeQL library for Python
codeql/python-all 0.6.4 (changelog, source)
Search

Module WeakSensitiveDataHashingCustomizations

Provides default sources, sinks and sanitizers for detecting “use of a broken or weak cryptographic hashing algorithm on sensitive data” vulnerabilities, as well as extension points for adding your own.

Import path

import semmle.python.security.dataflow.WeakSensitiveDataHashingCustomizations

Modules

ComputationallyExpensiveHashFunction

Provides default sources, sinks and sanitizers for detecting “use of a broken or weak cryptographic hashing algorithm on sensitive data” vulnerabilities on sensitive data that DOES require computationally expensive hashing, as well as extension points for adding your own.

NormalHashFunction

Provides default sources, sinks and sanitizers for detecting “use of a broken or weak cryptographic hashing algorithm on sensitive data” vulnerabilities on sensitive data that does NOT require computationally expensive hashing, as well as extension points for adding your own.