Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(java): missing or permissive ssl hostname verifier (CWE-295) #231

Merged
merged 3 commits into from
Feb 26, 2024
Merged

feat(java): missing or permissive ssl hostname verifier (CWE-295) #231

merged 3 commits into from
Feb 26, 2024

Conversation

elsapet
Copy link
Collaborator

@elsapet elsapet commented Feb 5, 2024

Description

Add java rule for missing / permissive SSL hostname verification

Relates to #197

Checklist

  • I've added a snapshot that shows my rule works as expected.
  • My rule has adequate metadata to explain its use.
  • PR title follows Conventional Commits format

@elsapet elsapet requested a review from cfabianski February 5, 2024 15:24
@elsapet elsapet marked this pull request as draft February 6, 2024 10:04
@elsapet elsapet force-pushed the feat/java/ssl-hostname-verifier branch from 8df6d6a to e377e5a Compare February 6, 2024 10:29
@elsapet elsapet mentioned this pull request Feb 6, 2024
Closed
37 tasks
@cfabianski cfabianski force-pushed the feat/java/ssl-hostname-verifier branch from 34cc9a6 to 3950a0b Compare February 19, 2024 10:27
@cfabianski cfabianski marked this pull request as ready for review February 19, 2024 10:27
@cfabianski
Copy link
Collaborator

Related to this Bearer/bearer#1502

@cfabianski
Copy link
Collaborator

All 💚 in canary https://github.com/Bearer/bearer-rules/actions/runs/7975287908

@elsapet elsapet force-pushed the feat/java/ssl-hostname-verifier branch 4 times, most recently from 984f661 to 15fca5c Compare February 26, 2024 13:46
@elsapet elsapet force-pushed the feat/java/ssl-hostname-verifier branch from 15fca5c to 44df679 Compare February 26, 2024 13:54
@cfabianski cfabianski merged commit ffc389e into main Feb 26, 2024
22 checks passed
@cfabianski cfabianski deleted the feat/java/ssl-hostname-verifier branch February 26, 2024 14:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cfabianski cfabianski cfabianski approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@elsapet @cfabianski