OpenSSL Heartbleed

Jan_Blok · April 16, 2014, 7:30am

As you may know there is a vulnerability found in OpenSSL.
We received the question from several customers:

Do we have any exposure to the OpenSSL Heartbleed vulnerability with our Servoy deployments?

The answer is no.
Java and JVM are not using OpenSSL and therefor are not affected.
If you are are using postgress with ssl db connections, you might want to read this.

Yeroc · April 16, 2014, 8:21pm

I suppose this ought to be obvious but if you’re using Apache or another web server in a reverse-proxy configuration in front of Servoy with that web server handling SSL termination then you could still be vulnerable…

Corey

Topic		Replies	Views
PostgreSQL and the OpenSSL Heartbleed vulnerability Classic Servoy	0	2362	April 8, 2014
More security information needed Classic Servoy	1	1745	April 8, 2009
Servoy has several known high-risk vulnerabilities?! Classic Servoy	5	3277	September 2, 2009
Spring4Shell Zero-Day Vulnerability Questions	3	4530	April 1, 2022
POODLE SSLv3 vulnerability Classic Servoy	3	3570	October 23, 2014

OpenSSL Heartbleed

Related topics