Weak Cryptographic Algorithms #506

@AlexMiller998s

Braintree SDK Version

6.16.0

Environment

Both

Android Version & Device

ALL

Braintree dependencies

implementation 'com.braintreepayments.api:drop-in:6.16.0'

Describe the bug

Risk Rating: Low

Category: Insufficient Cryptography

Description: The application supports the SHA1 and MD5 hash functions, which are vulnerable algorithms.
SHA1 and RIPEMD-128 are being used, which are obsolete.
AES/CBC/PKCS5/PKCS7 Padding should be replaced with GCM.
RSA/ECB/PKCS1Padding – deprecated.

Impact: An attacker may be able to connect to the application using a weak or vulnerable encryption algorithm, making it possible for an attacker to decrypt data.

Remediation Recommendation: Disable support for the SHA1 and MD5 hash functions. Use hashing algorithms such as SHA-256, SHA-384, or SHA-512.

To reproduce

N/A

Expected behavior

No weak cryptographic algorithms

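An added example, not part of the issue or of the Braintree SDK: a small Python check that finds `MessageDigest.getInstance` and `Cipher.getInstance` calls in Java source and flags the algorithm strings this report names, so each finding can be tied to a call site for review. The sample source, the rule labels and the OAEP suggestion are assumptions; the hash and GCM replacements are the ones the report gives.

```python
import re

# Rules: (pattern, finding, suggested replacement). The hash and GCM replacements
# are the ones the report names; the OAEP suggestion is an assumption added here.
RULES = [
    (re.compile(r"MD5|SHA-?1|RIPEMD-?128", re.I), "weak hash", "SHA-256/SHA-384/SHA-512"),
    (re.compile(r"AES/CBC/PKCS[57]Padding", re.I), "CBC padding mode", "AES/GCM/NoPadding"),
    (re.compile(r"RSA/ECB/PKCS1Padding", re.I), "deprecated RSA padding", "RSA with OAEP (assumption)"),
]

# JCA factory calls whose algorithm name is a string literal.
CALL = re.compile(r'\b(MessageDigest|Cipher)\.getInstance\(\s*"([^"]+)"')

# Constructed sample source, not taken from the SDK.
SAMPLE = """\
MessageDigest md = MessageDigest.getInstance("MD5");
MessageDigest ok = MessageDigest.getInstance("SHA-256");
Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
Cipher g = Cipher.getInstance("AES/GCM/NoPadding");
Cipher r = Cipher.getInstance("rsa/ecb/pkcs1padding");
// MessageDigest.getInstance("SHA1"); commented out, must not be reported
"""


def scan(source):
    """Return (line_no, api, algorithm, finding, replacement) per flagged call."""
    hits = []
    for no, line in enumerate(source.splitlines(), 1):
        code = line.split("//", 1)[0]  # naive: drop everything after a line comment
        for api, algo in CALL.findall(code):
            for pattern, finding, fix in RULES:
                # fullmatch so that "SHA-256" is not mistaken for "SHA-1";
                # re.I because JCA algorithm names are case-insensitive.
                if pattern.fullmatch(algo):
                    hits.append((no, api, algo, finding, fix))
    return hits


if __name__ == "__main__":
    for no, api, algo, finding, fix in scan(SAMPLE):
        print(f"line {no}: {api} {algo!r}: {finding}, consider {fix}")
```
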
