Avoid weak hash algorithms | Critiq Docs

#Metadata

Rule ID: security.weak-hash-algorithm
Severity: high
Confidence: 0.9
Languages: go, java, javascript, php, python, ruby, rust, typescript
Presets: recommended, security, strict
Stability: stable
Applies to: block
Tags: crypto, hash, rules-catalog, security

#Why it matters

Weak digests such as MD5 and SHA-1 are vulnerable to collisions and should not be used for security-sensitive hashing.

#Remediation

Use SHA-256, SHA-384, SHA-512, or a stronger approved hashing primitive instead.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/shared/security.weak-hash-algorithm.rule.yaml.

Back to registry Open rule in repository