Anyone know the best way to determine whether my JBoss application is vulnerable to the heartbleed security bug?
I am using JBoss versions 4.0.4 and 5.1.0.
Anyone know the best way to determine whether my JBoss application is vulnerable to the heartbleed security bug?
I am using JBoss versions 4.0.4 and 5.1.0.
Copyright © 2021 Jogjafile Inc.
A good explanation is on the security StackExchange site. The answer linked is specific to Tomcat, but applicable to JBoss (or other Java applications) as well. The short answer is no, because Java implements its own stack of SSL/TLS and does not relay on the OpenSSL or any other SSL implementation library.