veracode is paid software. can you provide (maybe in private) detailed report ?
2018-04-10 12:15 GMT+05:00 duttaab <abdu...@actiance.com>: > Hi, > > As part of security compliance we need to run Veracode scan on our > products. > One of our products running on Linux (RHEL 7) use ActiveMQ (C++ lib) > extensively for IPC. The scan has reported following errors and their > severity. > > Type Severity > -------------------------------------- > 1. Buffer Overflow Very High > 2. Numeric Errors Very High > 3. Buffer Mgmt. Medium > > Wanted to know is there any one in the AcitiveMQ user community who has run > Veracode and if so, please share your experience or thought to mitigate the > issues. > > ~Thanx > Abhijit > > > > > > -- > Sent from: http://activemq.2283324.n4.nabble.com/ActiveMQ-User- > f2341805.html >
