AWS logo
Amazon QDetector LibrarySign in to Amazon Q
AWSbreadcrumb dividerDocumentationbreadcrumb dividerAmazon Qbreadcrumb dividerDetector Librarybreadcrumb dividerScalabreadcrumb dividerTagsbreadcrumb dividerTag: cryptographyFeedbackFeedback icon

Q

Detector Library

Scala detectors (28/28)

Improper Neutralization of Special Elements in Data QueryAvoid Persistent CookiesImproper AuthenticationArgument InjectionInsecure host name verifierInsecure CryptographyTemplate InjectionUntrusted data in http sessionInsecure servlet handlingInsecure connection using unencrypted protocolDeserialization of Untrusted DataInsecure servlet handlingUse of Insufficiently Random ValuesInsecure cookieUse Of RSA AlgorithmPath TraversalURL redirection to untrusted siteImproper Validation Of Array IndexInsufficient Protected CredentialsInsecure jax endpoint usageXML External EntityInsecure CORS policyExternal Access to Files or DirectoriesIncorrect Certificate Hostname VerificationImproper privilege managementCross-site scriptingImproper Certificate ValidationDisabled HTML autoescape

Tag: cryptography

Insecure Cryptography

Use of insecure cryptography

Insecure connection using unencrypted protocol

Connections that use insecure protocols transmit data in cleartext, which can leak sensitive information.

Insecure cookie

Insecure cookies can lead to unencrypted transmission of sensitive data.

Use Of RSA Algorithm

RSA algorithm does not incorporate Optimal Asymmetric Encryption Padding (OAEP), which might weaken the encryption.