# Use of Weak Cryptographic Algorithm

- ID: go-weak-crypto-algorithm
- Severity: HIGH
- CWE: Broken Cryptographic Algorithm (CWE-327)
- Languages: Go
- Frameworks: stdlib

## Description

Uses MD5, SHA1, DES, or RC4 which are cryptographically broken.

## Detection Message

Weak cryptographic algorithm detected: {issue_type}

## Remediation

Replace weak cryptographic algorithms with secure alternatives:
- For passwords: use bcrypt, scrypt, or argon2
- For hashing: use SHA-256 or SHA-512
- For encryption: use AES-256-GCM or ChaCha20-Poly1305

## Documentation

[object Object]

## Related Rules

- **JWT Algorithm Confusion Attack** [HIGH]: 
- **Use of Weak Cryptographic Algorithm** [HIGH]: 
- **Weak Cryptographic Algorithm** [MEDIUM]: