Back to library list
org.apache.commons__commons-math3
Column Insecure: Icon 
indicates the version is insecure, otherwise 
Column CryptoMisuse: Icon indicates the version has cryptographic API misuse, otherwise
indicates the version is insecure, otherwise
Column CryptoMisuse: Icon
indicates the version has cryptographic API misuse, otherwise
| Version | Insecure | CryptoMisuse | Rule name | Method | Statement | Details |
|---|---|---|---|---|---|---|
| 3.0 |
|
|
MessageDigest | org.apache.commons.math3.random.RandomDataImpl.nextSecureHexString(I)Ljava/lang/String; | r17 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer706) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| - | - |
|
MessageDigest | org.apache.commons.math3.random.RandomDataImpl.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r17.<java.security.MessageDigest: void reset()>() | Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update |
| - | - |
|
SecureRandom | org.apache.commons.math3.random.RandomDataImpl.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r1.<java.security.SecureRandom: void nextBytes(byte[])>(r3) | Unexpected call to method nextBytes on object of type java.security.SecureRandom. |
| 3.1 |
|
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | r17 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer2274) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| - | - |
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r17.<java.security.MessageDigest: void reset()>() | Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update |
| - | - |
|
SecureRandom | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r1.<java.security.SecureRandom: void nextBytes(byte[])>(r3) | Unexpected call to method nextBytes on object of type java.security.SecureRandom. |
| - | - |
|
SecureRandom | org.apache.commons.math3.random.RandomDataGenerator.reSeedSecure()V | virtualinvoke $r1.<java.security.SecureRandom: void setSeed(long)>($l0) | Unexpected call to method setSeed on object of type java.security.SecureRandom. Expect a call to one of the following methods next,generateSeed,nextBytes |
| - | - |
|
SecureRandom | org.apache.commons.math3.random.RandomDataGenerator.reSeedSecure(J)V | virtualinvoke $r1.<java.security.SecureRandom: void setSeed(long)>(l0) | Unexpected call to method setSeed on object of type java.security.SecureRandom. Expect a call to one of the following methods next,generateSeed,nextBytes |
| 3.1.1 |
|
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | r17 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer2281) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| - | - |
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r17.<java.security.MessageDigest: void reset()>() | Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update |
| - | - |
|
SecureRandom | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r1.<java.security.SecureRandom: void nextBytes(byte[])>(r3) | Unexpected call to method nextBytes on object of type java.security.SecureRandom. |
| - | - |
|
SecureRandom | org.apache.commons.math3.random.RandomDataGenerator.reSeedSecure()V | virtualinvoke $r1.<java.security.SecureRandom: void setSeed(long)>($l0) | Unexpected call to method setSeed on object of type java.security.SecureRandom. Expect a call to one of the following methods next,generateSeed,nextBytes |
| - | - |
|
SecureRandom | org.apache.commons.math3.random.RandomDataGenerator.reSeedSecure(J)V | virtualinvoke $r1.<java.security.SecureRandom: void setSeed(long)>(l0) | Unexpected call to method setSeed on object of type java.security.SecureRandom. Expect a call to one of the following methods next,generateSeed,nextBytes |
| 3.2 |
|
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | r17 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer2556) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| - | - |
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r17.<java.security.MessageDigest: void reset()>() | Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update |
| - | - |
|
SecureRandom | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r1.<java.security.SecureRandom: void nextBytes(byte[])>(r3) | Unexpected call to method nextBytes on object of type java.security.SecureRandom. |
| - | - |
|
SecureRandom | org.apache.commons.math3.random.RandomDataGenerator.nextSecureLong(JJ)J | virtualinvoke r0.<java.security.SecureRandom: void nextBytes(byte[])>(r1) | Unexpected call to method nextBytes on object of type java.security.SecureRandom. |
| - | - |
|
SecureRandom | org.apache.commons.math3.random.RandomDataGenerator.reSeedSecure()V | virtualinvoke $r1.<java.security.SecureRandom: void setSeed(long)>($l0) | Unexpected call to method setSeed on object of type java.security.SecureRandom. Expect a call to one of the following methods next,generateSeed,nextBytes |
| - | - |
|
SecureRandom | org.apache.commons.math3.random.RandomDataGenerator.reSeedSecure(J)V | virtualinvoke $r1.<java.security.SecureRandom: void setSeed(long)>(l0) | Unexpected call to method setSeed on object of type java.security.SecureRandom. Expect a call to one of the following methods next,generateSeed,nextBytes |
| 3.3 |
|
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | r17 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer3306) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| - | - |
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r17.<java.security.MessageDigest: void reset()>() | Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update |
| 3.4 |
|
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | r17 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer2011) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| - | - |
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r17.<java.security.MessageDigest: void reset()>() | Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update |
| 3.4.1 |
|
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | r17 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer3618) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| - | - |
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r17.<java.security.MessageDigest: void reset()>() | Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update |
| 3.5 |
|
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | r17 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer2010) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| - | - |
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r17.<java.security.MessageDigest: void reset()>() | Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update |
| 3.6 |
|
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | r17 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer4905) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| - | - |
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r17.<java.security.MessageDigest: void reset()>() | Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update |
| 3.6.1 |
|
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | r17 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer4453) | First parameter (with value "SHA-1") should be any of {SHA-256, SHA-384, SHA-512} |
| - | - |
|
MessageDigest | org.apache.commons.math3.random.RandomDataGenerator.nextSecureHexString(I)Ljava/lang/String; | virtualinvoke r17.<java.security.MessageDigest: void reset()>() | Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update |