Get Started
- CodeAnt AI
- Control Center
- Pull Request Review
- IDE
- Compliance
- Anti-Patterns
- Code Governance
- Infrastructure Security Database
- Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Ajv
- Angular
- Apollo
- Argon2
- Audit
- Aws-lambda
- Axios
- Bluebird
- Browser
- Chrome-remote-interface
- Crypto
- Deno
- Express
- Fbjs
- Firebase
- Grpc
- Intercom
- Jose
- Jquery
- Jsonwebtoken
- Jssha
- Jssha-sha1
- Jwt-simple
- Knex
- Lang
- Monaco-editor
- Mongodb
- Mongoose
- Mssql
- Mysql
- Node-expat
- Passport-jwt
- Pg
- Phantom
- Playwright
- Puppeteer
- React
- Sandbox
- Sax
- Sequelize
- Serialize-javascript
- Shelljs
- Superagent
- Thenify
- Vm2
- Vue
- Wkhtmltoimage
- Wkhtmltopdf
- Xml2json
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml
Jssha-sha1
Jssha sha1
The SHA1 hashing algorithm is considered to be weak. If this is used in any sensitive operation such as password hashing, or is used to ensure data integrity (collision sensitive) then you should use a stronger hashing algorithm. For passwords, consider using Argon2id, scrypt, or bcrypt. For data integrity, consider using SHA-256.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
OWASP:
- A03:2017 - Sensitive Data Exposure
- A02:2021 - Cryptographic Failures