Up2Dep

Back to library list

org.apache.ivy__ivy

Column Insecure: Icon yes indicates the version is insecure, otherwise no
Column CryptoMisuse: Icon yes indicates the version has cryptographic API misuse, otherwise no
Version Insecure CryptoMisuse Rule name Method Statement Details
2.0.0 no       yes HttpConnection org.apache.ivy.core.settings.IvySettings.configureRepositories(Z)V specialinvoke r31.<java.net.URL: void <init>(java.lang.String)>(varReplacer2427) First parameter (with value "http://ant.apache.org/ivy/repository.properties") should be any of http://{Empty String}
- - yes MessageDigest org.apache.ivy.util.ChecksumHelper.computeAsString(Ljava/io/File;Ljava/lang/String;)Ljava/lang/String; virtualinvoke r3.<java.security.MessageDigest: void reset()>() Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update
2.1.0 no       yes HttpConnection org.apache.ivy.core.settings.IvySettings.configureRepositories(Z)V specialinvoke r31.<java.net.URL: void <init>(java.lang.String)>(varReplacer2527) First parameter (with value "http://ant.apache.org/ivy/repository.properties") should be any of http://{Empty String}
- - yes MessageDigest org.apache.ivy.util.ChecksumHelper.computeAsString(Ljava/io/File;Ljava/lang/String;)Ljava/lang/String; virtualinvoke r3.<java.security.MessageDigest: void reset()>() Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update
2.2.0 no       yes HttpConnection org.apache.ivy.core.settings.IvySettings.configureRepositories(Z)V specialinvoke r31.<java.net.URL: void <init>(java.lang.String)>(varReplacer2586) First parameter (with value "http://ant.apache.org/ivy/repository.properties") should be any of http://{Empty String}
- - yes MessageDigest org.apache.ivy.util.ChecksumHelper.computeAsString(Ljava/io/File;Ljava/lang/String;)Ljava/lang/String; virtualinvoke r3.<java.security.MessageDigest: void reset()>() Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update
2.3.0 no       yes MessageDigest org.apache.ivy.core.cache.DefaultRepositoryCacheManager.<clinit>()V $r1 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer1561) First parameter (with value "SHA1") should be any of {SHA-256, SHA-384, SHA-512}
- - yes HttpConnection org.apache.ivy.core.settings.IvySettings.configureRepositories(Z)V specialinvoke r31.<java.net.URL: void <init>(java.lang.String)>(varReplacer2720) First parameter (with value "http://ant.apache.org/ivy/repository.properties") should be any of http://{Empty String}
- - yes MessageDigest org.apache.ivy.util.ChecksumHelper.computeAsString(Ljava/io/File;Ljava/lang/String;)Ljava/lang/String; virtualinvoke r3.<java.security.MessageDigest: void reset()>() Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update
2.4.0 no       yes MessageDigest org.apache.ivy.core.cache.DefaultRepositoryCacheManager.<clinit>()V $r1 = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>(varReplacer1627) First parameter (with value "SHA1") should be any of {SHA-256, SHA-384, SHA-512}
- - yes HttpConnection org.apache.ivy.core.settings.IvySettings.configureRepositories(Z)V specialinvoke $r5.<java.net.URL: void <init>(java.lang.String)>(varReplacer2847) First parameter (with value "http://ant.apache.org/ivy/repository.properties") should be any of http://{Empty String}
- - yes MessageDigest org.apache.ivy.util.ChecksumHelper.computeAsString(Ljava/io/File;Ljava/lang/String;)Ljava/lang/String; virtualinvoke r3.<java.security.MessageDigest: void reset()>() Unexpected call to method reset on object of type java.security.MessageDigest. Expect a call to one of the following methods digest,update