Repositorio
paramiko/paramiko
Escaneado el 13 may 2026
Puntuación de riesgo/ 100
Riesgo alto
Resumen
Paramiko SSH library contains 52 quantum-vulnerable cryptographic implementations including RSA, ECDSA, ECDH, and classical Diffie-Hellman primitives that will be broken by quantum computers. SHA-1 and MD5 are used in 10 critical locations, creating immediate collision attack risks. Migration to NIST-approved post-quantum algorithms (ML-KEM, ML-DSA, SLH-DSA) is essential for long-term security compliance.
10
42
0
0
Hallazgos principales
- CríticoRSA key ≤ 2048 bits
tests/conftest.py:132
Evidencia
"rsa-sha2-512", - CríticoMD5
paramiko/sftp.py:161
SHA3-256 or SHA-256
Evidencia
extension_pairs = ["check-file", "md5,sha1"] - CríticoSHA-1
tests/test_packetizer.py:25
SHA-256 or SHA3-256
Evidencia
from hashlib import sha1 - CríticoSHA-1
tests/test_util.py:25
SHA-256 or SHA3-256
Evidencia
from hashlib import sha1 - CríticoRSA key ≤ 2048 bits
tests/agent.py:104
Evidencia
(dict(algorithm="rsa-sha2-512"), SSH_AGENT_RSA_SHA2_512),
+ 47 hallazgos más en el reporte completo
Escanea tu propio repositorio
Gratis. Resultados en ~90 segundos. CBOM + PDF DORA/NIS2 incluidos.