You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@activemq.apache.org by duttaab <ab...@actiance.com> on 2018/04/10 07:15:17 UTC
Veracode Scan
Hi,
As part of security compliance we need to run Veracode scan on our products.
One of our products running on Linux (RHEL 7) use ActiveMQ (C++ lib)
extensively for IPC. The scan has reported following errors and their
severity.
Type Severity
--------------------------------------
1. Buffer Overflow Very High
2. Numeric Errors Very High
3. Buffer Mgmt. Medium
Wanted to know is there any one in the AcitiveMQ user community who has run
Veracode and if so, please share your experience or thought to mitigate the
issues.
~Thanx
Abhijit
--
Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User-f2341805.html
Re: Veracode Scan
Posted by Илья Шипицин <ch...@gmail.com>.
veracode is paid software.
can you provide (maybe in private) detailed report ?
2018-04-10 12:15 GMT+05:00 duttaab <ab...@actiance.com>:
> Hi,
>
> As part of security compliance we need to run Veracode scan on our
> products.
> One of our products running on Linux (RHEL 7) use ActiveMQ (C++ lib)
> extensively for IPC. The scan has reported following errors and their
> severity.
>
> Type Severity
> --------------------------------------
> 1. Buffer Overflow Very High
> 2. Numeric Errors Very High
> 3. Buffer Mgmt. Medium
>
> Wanted to know is there any one in the AcitiveMQ user community who has run
> Veracode and if so, please share your experience or thought to mitigate the
> issues.
>
> ~Thanx
> Abhijit
>
>
>
>
>
> --
> Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User-
> f2341805.html
>