CodeQL: Add support for CodeQL's handling of CWE-327/328

OWASP-Benchmark / BenchmarkUtils

OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.

https://owasp.org/www-project-benchmark/

GNU General Public License v3.0

13 stars 48 forks source link

CodeQL: Add support for CodeQL's handling of CWE-327/328 #58

Closed egregius313 closed 7 months ago

egregius313 commented 7 months ago

CodeQL for Java does not distinguish between CWE-327 and CWE-328. This adds CodeQL to the list of tools which do not distinguish between weak encryption and weak hashing.