Back to library list
commons-io__commons-io
Column Insecure: Icon 
indicates the version is insecure, otherwise 
Column CryptoMisuse: Icon indicates the version has cryptographic API misuse, otherwise
indicates the version is insecure, otherwise
Column CryptoMisuse: Icon
indicates the version has cryptographic API misuse, otherwise
| Version | Insecure | CryptoMisuse | Rule name | Method | Statement | Details |
|---|---|---|---|---|---|---|
| 1.0 |
|
|
||||
| 1.1 |
|
|
||||
| 1.2 |
|
|
||||
| 1.3 |
|
|
||||
| 1.3.1 |
|
|
||||
| 1.3.2 |
|
|
||||
| 1.4 |
|
|
||||
| 2.0 |
|
|
||||
| 2.0.1 |
|
|
||||
| 2.1 |
|
|
||||
| 2.2 |
|
|
||||
| 2.3 |
|
|
||||
| 2.4 |
|
|
||||
| 2.5 |
|
|
||||
| 2.6 |
|
|
MessageDigest | org.apache.commons.io.input.MessageDigestCalculatingInputStream.<init>(Ljava/io/InputStream;)V | $r2 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer391) | First parameter (with value "MD5") should be any of {SHA-256, SHA-384, SHA-512} |
| - | - |
|
MessageDigest | org.apache.commons.io.input.MessageDigestCalculatingInputStream.<init>(Ljava/io/InputStream;)V | specialinvoke r0.<org.apache.commons.io.input.MessageDigestCalculatingInputStream: void <init>(java.io.InputStream,java.security.MessageDigest)>(r1, $r2) | Operation on object of type java.security.MessageDigest object not completed. Expected call to digest, update |
| - | - |
|
MessageDigest | org.apache.commons.io.input.MessageDigestCalculatingInputStream.<init>(Ljava/io/InputStream;Ljava/lang/String;)V | specialinvoke r0.<org.apache.commons.io.input.MessageDigestCalculatingInputStream: void <init>(java.io.InputStream,java.security.MessageDigest)>(r1, $r3) | Operation on object of type java.security.MessageDigest object not completed. Expected call to digest, update |
| 20030203.550 |
|
|