cxf-dev mailing list archives

From Romi Awasthy <romiawas...@gmail.com>
Subject Veracode static scan
Date Sat, 01 Dec 2012 21:20:17 GMT
We are using Apache CXF REST for our RESTful web services. We ran Veracode's static security
scan on our code base and have identified some flaws in Apache CXF code, in the following categories:

http://www.owasp.org/index.php/Unsafe_Reflection

http://webappsec.pbworks.com/Improper-Output-Handling

http://webappsec.pbworks.com/Path-Traversal

http://webappsec.pbworks.com/HTTP-Response-Splitting


Has anyone else seen these flaws in Apache CXF code, and does anyone know of a way to resolve them?