Inadequate Cryptographic Key Size and Insecure Cryptographic Mode. File Name :- curl_ntlm_core.c
High
## Vulnerability Details
The application is generating cryptographic keys or key pairs using a short and inadequate length.
This application is using the ECB (Electronic Codebook) mode of operation to perform encryption, which is considered semantically insecure.
Vulnerable file name: `curl_ntlm_core.c`
Vulnerable line no. 274: `err = CCCrypt(kCCEncrypt, kCCAlgorithmDES, kCCOptionECBMode, key,`
## Impact
If a message with identical blocks is encrypted, an attacker gets a certain advantage in obtaining information about the plaintext just by observing the ciphertext.
## Report Stats
- Report ID: 1113663
- State: Closed
- Substate: not-applicable
- Upvotes: 1
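
The property named under Impact, shown as an added example (not part of the original report and not curl code): identical plaintext blocks encrypt to identical ciphertext blocks under ECB, while CBC hides the repetition. XTEA stands in for DES as an assumption because both use 8-byte blocks; the key, IV and message are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLK 8  /* 64-bit block, the same block size as DES */
/* XTEA: stand-in 64-bit block cipher (assumption; the reported line uses DES). */
static void xtea_encrypt(uint8_t b[BLK], const uint32_t k[4]) {
    uint32_t v0, v1, sum = 0, delta = 0x9E3779B9u;
    memcpy(&v0, b, 4); memcpy(&v1, b + 4, 4);
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += delta;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    memcpy(b, &v0, 4); memcpy(b + 4, &v1, 4);
}

/* Encrypt len bytes (multiple of BLK) in place. iv == NULL selects ECB, else CBC. */
static void encrypt_buf(uint8_t *buf, size_t len, const uint32_t k[4], const uint8_t *iv) {
    uint8_t prev[BLK] = {0};
    if (iv) memcpy(prev, iv, BLK);
    for (size_t off = 0; off < len; off += BLK) {
        if (iv)  /* CBC: mix the previous ciphertext block into this plaintext block */
            for (int i = 0; i < BLK; i++) buf[off + i] ^= prev[i];
        xtea_encrypt(buf + off, k);
        memcpy(prev, buf + off, BLK);
    }
}

/* Count ciphertext blocks equal to an earlier block: all a passive observer needs. */
static int repeated_blocks(const uint8_t *ct, size_t len) {
    int repeats = 0;
    for (size_t i = BLK; i < len; i += BLK)
        for (size_t j = 0; j < i; j += BLK)
            if (memcmp(ct + i, ct + j, BLK) == 0) { repeats++; break; }
    return repeats;
}

/* Constructed sample: plaintext blocks 0, 1 and 3 are identical. */
static int demo(int use_cbc) {
    static const uint32_t key[4] = {0x01234567u, 0x89abcdefu, 0xfedcba98u, 0x76543210u};
    static const uint8_t iv[BLK] = {7, 6, 5, 4, 3, 2, 1, 0};
    uint8_t msg[4 * BLK];
    memcpy(msg, "AAAAAAAAAAAAAAAABBBBBBBBAAAAAAAA", sizeof msg);
    encrypt_buf(msg, sizeof msg, key, use_cbc ? iv : NULL);
    return repeated_blocks(msg, sizeof msg);
}

int main(void) { printf("ECB repeats: %d\nCBC repeats: %d\n", demo(0), demo(1)); return 0; }
```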