Details

    Description

      On the CII badging page for your app https://bestpractices.coreinfrastructure.org/en/projects/1630 review the CII question labeled vulerabilities_fixed_60_days under the Security section. The CII question says:
      "There MUST be no unpatched vulnerabilities of medium or high severity that have been publicly known for more than 60 days."

      Note that this refers to vulnerabilities within ONAP code, and NOT to vulnerabilities inherited from third party libraries.

      Your answer should be MET:

      • If there are no known vulnerabilities
      • If all known vulnerabilites pointed out by tools are ONLY false positives,
      • If your project can commit to fixing new vulnerabilities within 60 days.

      If you can NOT choose MET, select "UNMET" and update the description to indicate "Updated 2019-MM-DD." and an indication of why you could not choose MET.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            Unassigned Unassigned
            TonyLHansen Tony Hansen
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: