VeraCode Security Flaws in ComponentPro_Saml_dll

Subject: VeraCode Security Flaws in ComponentPro_Saml_dll
Date: 2019-01-31 14:03:50
From: Suresh Kanna
Source: veracode-security-flaws-componentpro-saml-dll
----------------------------------------------------------------------

We submitted our application code for VeraCode Static Scan and they found the below flaws in ComponentPro_Saml_dll. Can you please provide a fix.

1.
Location : componentpro_samldll.ComponentPro.Saml.RandomIdentifierGenerator => Generate 37%
Severity : 3
Flaw Category: Cryptographic Issues
CWE ID : 331

2.
Location : componentpro_samldll.ComponentPro.Saml.SecureIdentifierGenerator => Generate 37%
Severity : 3
Flaw Category: Cryptographic Issues
CWE ID : 331

3.
Location : componentpro_samldll.cb => c759a07c9 43%
Severity : 2
Flaw Category: Code Quality
CWE ID : 404

----------------------------------------------------------------------

Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand
If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor
who sold you the license and ask for your money back.

Back to ComponentPro Q&A Forum Index