You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello!
First and foremost, I would like to express my sincere gratitude for your contributions to this project.
Description:
I have identified a security vulnerability in the SupergirlOnCrypt v0.0.2 project by our cryptographic api misuse detection tool.The issue pertains to the use of a default RSA key length of 1024 bits, which is considered insecure due to advances in computing power and cryptographic weaknesses associated with shorter key lengths.
Hello!
First and foremost, I would like to express my sincere gratitude for your contributions to this project.
Description:
I have identified a security vulnerability in the SupergirlOnCrypt v0.0.2 project by our cryptographic api misuse detection tool.The issue pertains to the use of a default RSA key length of 1024 bits, which is considered insecure due to advances in computing power and cryptographic weaknesses associated with shorter key lengths.
Affected Version
v0.0.2
References:
CWE-326: Inadequate Encryption Strength
NIST SP 800-131A r2
Location:
https://github.com/ThoughtfulDev/SupergirlOnCrypt/blob/master/App/RSA/RSAKeyGen.py#L7
Recommendations:
I recommend the following actions to mitigate the vulnerability:
Upgrade the RSA key length to a more secure option, such as 2048 bits.
The text was updated successfully, but these errors were encountered: