VeraCode Security Flaws in ComponentPro_Saml_dll

0
We submitted our application code for VeraCode Static Scan and they found the below flaws in ComponentPro_Saml_dll. Can you please provide a fix. 1. Location : componentpro_samldll.ComponentPro.Saml.RandomIdentifierGenerator => Generate 37% Severity : 3 Flaw Category: Cryptographic Issues CWE ID : 331 2. Location : componentpro_samldll.ComponentPro.Saml.SecureIdentifierGenerator => Generate 37% Severity : 3 Flaw Category: Cryptographic Issues CWE ID : 331 3. Location : componentpro_samldll.cb => c759a07c9 43% Severity : 2 Flaw Category: Code Quality CWE ID : 404
 
asked 1/31/2019 2:03:50 PM
add a comment

1 Answers

0
1 and 2: You can ignore that issue since we do not use that one in our code. It's just a utility method for developer to use. 3: We are checking that one. We will have them fixed in our next major release.
 
answered 2/8/2019 9:30:09 AM
add a comment

Your Answer

Not the answer you're looking for? Browse other questions tagged saml or ask your own question.