Wildfly31.0.1: Netty-Handler-4.1.106.Final.jar flagged by Veracode Scanner
16 views
Skip to first unread message
Bryan Mulkey
Jun 28, 2024, 11:23:57 AM (9 days ago) Jun 28
to WildFly
According to a Veracode scan performed on our app running WildFly31.0.1, netty-handler-4.1.106.Final was flagged as vulnerable due to the fact that the SSLEngine used does not enable hostname verification by default.
Is there anything configuration-wise within WildFly that can be done to enable hostname verification?
https://sca.analysiscenter.veracode.com/vulnerability-database/security/sca/vulnerability/sid-22277/summary
Thanks,
Is there anything configuration-wise within WildFly that can be done to enable hostname verification?
https://sca.analysiscenter.veracode.com/vulnerability-database/security/sca/vulnerability/sid-22277/summary
Thanks,
Bryan
Reply all
Reply to author
Forward
0 new messages