cwe-329-missing-random-iv
OfficialSecure Java crypto: Fix missing random IV.
AuthorDevelopersCoffee
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill addresses critical security vulnerabilities in Java applications arising from the improper use of Initialization Vectors (IVs) in cryptographic modes like CBC, preventing potential data breaches.
Core Features & Use Cases
- Vulnerability Remediation: Identifies and fixes the "Missing Random IV in CBC Mode" vulnerability (CWE-329).
- Secure Cryptography: Implements best practices for generating and using random IVs with modern encryption algorithms like AES-GCM.
- Use Case: Automatically refactor Java code that uses a static or predictable IV in AES/CBC mode to use a securely generated, unique IV for each encryption operation, enhancing data confidentiality.
Quick Start
Use the cwe-329-missing-random-iv skill to secure the provided Java code snippet against missing random IV in CBC mode vulnerabilities.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: cwe-329-missing-random-iv Download link: https://github.com/DevelopersCoffee/java-cwe-security-skills/archive/main.zip#cwe-329-missing-random-iv Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.