Use of Weak Hash (4.12)
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-328: Use of Weak Hash (4.12) |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Medium |
Description#
The OCaml Digest module uses the outdated MD5 hashing algorithm, which is no longer considered secure. Using it for hashing sensitive data can expose your application to security risks.
Impact#
Attackers could exploit weaknesses in MD5 to create hash collisions, allowing them to bypass integrity checks, tamper with data, or impersonate users. This can lead to data breaches, unauthorized access, or other serious security issues.