Tag: cryptography

Insecure cookie

Insecure cookies can lead to unencrypted transmission of sensitive data.

Insecure connection using unencrypted protocol

Connections that use insecure protocols transmit data in cleartext, which can leak sensitive information.

Improper certificate validation

Lack of validation of a security certificate can lead to host impersonation and sensitive data leaks.

Timing attack

Insecure string comparison can lead to a timing-attack.

Insecure hashing

Obsolete, broken, or weak hashing algorithms can lead to security vulnerabilities.

Insecure cryptography

Weak, broken, or misconfigured cryptography can lead to security vulnerabilities.

Insecure JWT parsing

Checks if the none algorithm is used in a JWT token parsing.