-
Bug
-
Resolution: Unresolved
-
High
-
Honolulu Release
Sonarcloud identified the following security bugs in your project and, as agreed by the TSC, should be fixed within the Honolulu release. Any not finished in Honolulu must be fixed within the Istanbul release. Follow each of the URLs for details on each each bug, along with recommended fixes.
If any of the links below fail, please find your code on the master list found at <https://sonarcloud.io/organizations/onap/issues?resolved=false&sonarsourceSecurity=weak-cryptography>.
Project: onap_aai-rest-client
Component: onap_aai-rest-client:src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 230
Effort: 5min
Creation-Date: 2018-11-21T13:11:43+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBWy9dVbAHhGQgmrNcS&open=AXBWy9dVbAHhGQgmrNcS
Project: onap_aai-model-loader
Component: onap_aai-model-loader:src/main/java/org/onap/aai/modelloader/restclient/HttpsBabelServiceClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 128
Effort: 5min
Creation-Date: 2018-06-06T16:37:53+0200
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBXug-rg-g0c4ts1eHC&open=AXBXug-rg-g0c4ts1eHC
Project: onap_aai-cacher
Component: onap_aai-cacher:src/main/java/org/onap/aai/cacher/util/RestClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 75
Effort: 5min
Creation-Date: 2018-08-31T17:10:32+0200
URL: [-https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBTs9WmBjsJ0QHatf35&open=AXBTs9WmBjsJ0QHatf35-]
the above is in maintenance and will not be addressed
Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-core/src/main/java/org/onap/aai/util/HttpsAuthClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 90
Effort: 5min
Creation-Date: 2017-05-24T19:46:59+0200
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcgfwclG1iYV3Z37Vh&open=AXBcgfwclG1iYV3Z37Vh
Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-core/src/main/java/org/onap/aai/util/HttpsAuthClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 115
Effort: 5min
Creation-Date: 2017-05-24T19:46:59+0200
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcgfwclG1iYV3Z37Vi&open=AXBcgfwclG1iYV3Z37Vi
Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-core/src/main/java/org/onap/aai/util/HttpsAuthExternalClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 65
Effort: 5min
Creation-Date: 2018-01-18T23:42:01+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcgfw3lG1iYV3Z37Vj&open=AXBcgfw3lG1iYV3Z37Vj
Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-core/src/main/java/org/onap/aai/util/HttpsAuthExternalClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 97
Effort: 5min
Creation-Date: 2018-01-18T23:42:01+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcgfw3lG1iYV3Z37Vk&open=AXBcgfw3lG1iYV3Z37Vk
Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-rest/src/main/java/org/onap/aai/restclient/OneWaySSLRestClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 69
Effort: 5min
Creation-Date: 2019-04-11T05:43:41+0200
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcggltlG1iYV3Z37Vq&open=AXBcggltlG1iYV3Z37Vq
Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-rest/src/main/java/org/onap/aai/restclient/TwoWaySSLRestClient.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 76
Effort: 5min
Creation-Date: 2019-04-11T05:43:41+0200
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcggnllG1iYV3Z37Vs&open=AXBcggnllG1iYV3Z37Vs
Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-schema-abstraction/src/main/java/org/onap/aai/schemaif/json/SecureClientHttpRequestFactory.java
Message: Enable server hostname verification on this SSL/TLS connection.
Severity: CRITICAL
Line: 64
Effort: 5min
Creation-Date: 2019-10-29T22:36:53+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcggVOlG1iYV3Z37Vn&open=AXBcggVOlG1iYV3Z37Vn
Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-schema-abstraction/src/main/java/org/onap/aai/schemaif/json/SecureClientHttpRequestFactory.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 86
Effort: 5min
Creation-Date: 2019-10-29T22:36:53+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcggVOlG1iYV3Z37Vo&open=AXBcggVOlG1iYV3Z37Vo
Project: onap_aai-aai-common
Component: onap_aai-aai-common:aai-schema-abstraction/src/main/java/org/onap/aai/schemaif/json/SecureClientHttpRequestFactory.java
Message: Enable server certificate validation on this SSL/TLS connection.
Severity: CRITICAL
Line: 89
Effort: 5min
Creation-Date: 2019-10-29T22:36:53+0100
URL: https://sonarcloud.io/project/issues?id=onap_aai-aai-common&issues=AXBcggVOlG1iYV3Z37Vp&open=AXBcggVOlG1iYV3Z37Vp
- clones
-
SDC-3495 fix CRITICAL weak-cryptography issues identified in sonarcloud
- Closed
- is cloned by
-
DCAEGEN2-2656 fix CRITICAL weak-cryptography issues identified in sonarcloud
- Closed
- relates to
-
REQ-443 CONTINUATION OF BEST PRACTICES BADGING SCORE IMPROVEMENTS FOR SILVER LEVEL
- In Progress
- mentioned in
-
Page Loading...