Use of a Broken or Risky Cryptographic Algorithm Affecting hydrolib-core package, versions [,0.9.1)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsSnyk Learn
Learn about Use of a Broken or Risky Cryptographic Algorithm vulnerabilities in an interactive lesson.
Start learning- Snyk IDSNYK-PYTHON-HYDROLIBCORE-12671320
- published17 Sept 2025
- disclosed10 Jul 2025
- creditUnknown
Introduced: 10 Jul 2025
CVE NOT AVAILABLE CWE-327 (opens in a new tab)Common Weakness Enumeration (CWE) is a category system for software weaknesses
How to fix?
Upgrade hydrolib-core to version 0.9.1 or higher.
Overview
hydrolib-core is a Python wrappers around D-HYDRO Suite.
Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm via the use of the MD5 hash algorithm in security-sensitive contexts. An attacker can exploit this vulnerability to trigger security scanner false positives and cause incompatibility issues in FIPS-compliant environments where MD5 is restricted for cryptographic purposes.