commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sebb <>
Subject [ALL] Update to commons security page
Date Tue, 15 Oct 2019 09:58:36 GMT
It might be useful to add a note to the commons security page about
automated vulnerability checkers.

These tend to produce a lot of false positives and may report items
which could never be a security issue (e.g. poor code style, dead

Even if the issue is potentially a vulnerability, it often depends on
the context.
This is particularly true of Commons - the code generally relies on
the application to do validation of input parameters.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message