Uploaded image for project: 'Integration'
  1. Integration
  2. INT-2039

Container scans to identify the ones that are using log4j or log4-core

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Unresolved
    • Icon: Highest Highest
    • Montreal Release
    • None
    • None
    • None

      In order to fix the issue with log4j vulnerability, we have to identify all the projects and repositories where vulnerable version exists. List shall be shared with SECCOM and ONAP community.

      DoD:

      All ONAP repositories and containers are scanned, so we know where the vulnerability exists.

      Information is shared with SECCOM and ONAP community. 

        1. image_log.png
          image_log.png
          210 kB
        2. Policy.png
          Policy.png
          111 kB

            michaljagiellotmpl michaljagiellotmpl
            Pawel_P Paweł Pawlak
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: