activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Илья Шипицин <chipits...@gmail.com>
Subject Re: Veracode Scan
Date Tue, 10 Apr 2018 07:45:03 GMT
veracode is paid software.

can you provide (maybe in private) detailed report ?

2018-04-10 12:15 GMT+05:00 duttaab <abdutta@actiance.com>:

> Hi,
>
> As part of security compliance we need to run Veracode scan on our
> products.
> One of our products running on Linux (RHEL 7) use ActiveMQ (C++ lib)
> extensively for IPC.  The scan has reported following errors and their
> severity.
>
>         Type                               Severity
>         --------------------------------------
> 1. Buffer Overflow                  Very High
> 2. Numeric Errors                   Very High
> 3. Buffer Mgmt.                      Medium
>
> Wanted to know is there any one in the AcitiveMQ user community who has run
> Veracode and if so, please share your experience or thought to mitigate the
> issues.
>
> ~Thanx
> Abhijit
>
>
>
>
>
> --
> Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User-
> f2341805.html
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message