Missing Optimal Asymmetric Encryption Padding (OAEP)
PreviousMissing HTTP Only Option in Cookie ConfigurationNextMissing or Permissive SSL Hostname Verifier
Last updated
Last updated
Rule ID: java_lang_rsa_no_padding
Applicable Languages: Java
Weakness ID: CWE-780
The RSA encryption algorithm is vulnerable without the use of Optimal Asymmetric Encryption Padding (OAEP). This vulnerability can result in security risks, including information disclosure.
Always use OAEP with RSA encryption to enhance security and mitigate vulnerabilities.
To omit this rule during a scan, and to provide you with continuous 24/7 code-level scanning, you can employ our