Skip to content
QuantumScanReporte público de escaneo

Repositorio

deepset-ai/haystack

Escaneado el 25 jun 2026

12

Puntuación de riesgo/ 100

Limpio

Resumen

The repository contains 3 MD5 usages, all located in a GitHub utility script for docstring checksum verification. These findings are cryptographically weak but pose minimal business risk as they are used solely for non-security purposes (detecting documentation changes in CI/CD pipelines).

Crítico

3

Alto

0

Medio

0

Bajo

0

Hallazgos principales

  • CríticoCWE-328MD5

    .github/utils/docstrings_checksum.py:31

    SHA3-256 or SHA-256

    Evidencia
    return hashlib.md5(str(docstrings).encode("utf-8")).hexdigest()
  • CríticoCWE-328MD5

    .github/utils/docstrings_checksum.py:45

    SHA3-256 or SHA-256

    Evidencia
    md5 = docstrings_checksum(haystack_files)
  • CríticoCWE-328MD5

    .github/utils/docstrings_checksum.py:46

    SHA3-256 or SHA-256

    Evidencia
    print(md5)

Escanea tu propio repositorio

Gratis. Resultados en ~90 segundos. CBOM + PDF DORA/NIS2 incluidos.

Iniciar un escaneo gratis