...
The information related to Repository and Group are extracted from the CLM report.
Repository | Group | Impact Analysis | Action |
---|---|---|---|
vid | angular.min.js angular.js |
False Positive
VID UI templates are static, and not user-generated in any way.
Its source is in ONAP Portal SDK |
Request exception | |
vid | bouncycastle |
No fix is available for this vulnerability;
Its source is in ONAP Portal SDK | Request exception | ||
vid | com.fasterxml.jackson.core | False positive VID doesn't use createBeanDeserializer() function in the BeanDeserializerFactory class | False positive |
vid |
commons-beanutils | No fix is available for this vulnerability; Its source is in ONAP Portal SDK | Request exception |
vid |
moment | No fix is available for this vulnerability; Its source is in ONAP Portal SDK | Request exception |
vid |
org.apache.httpcomponents | Its source is in ONAP Portal SDK | Request exception |
vid |
org.codehaus.jackson | False positive VID doesn't use the problematic |
function createBeanDeserializer in the BeanDeserializerFactory class No fix is available for this vulnerability | False positive |
vid |
xerces | Its source is in ONAP Portal SDK | Request exception |
vid |
No fix is available for this vulnerability;
org.hibernate | Its source is in ONAP Portal SDK | Request exception |
vid | org. |
eclipse. |
jetty | False positive VID |
doesn't use the check function in Password.java file | False positive | |
vid | com.google.guava | Its source |
is in ONAP Portal SDK |
Request exception |
vid |
commons-codec | Its source is in ONAP Portal SDK | Request exception |
vid |
dom4j | Its source is in ONAP Portal SDK | Request exception |
vid |
False positive
VID doesn't use the problematic function createBeanDeserializer in the BeanDeserializerFactory class
No fix is available for this vulnerability
False positive
jquery | Under investigation
| ||||||||||
vid | org.apache.wicket |
Its source is in ONAP Portal SDK | Request exception | |
vid |
org.springframework | Its source is in ONAP Portal SDK | Request exception |
vid | org. |
springframework | Its source is in ONAP Portal SDK | Request exception |
vid | org. |
springframework | Its source is in ONAP Portal SDK | Request exception |
vid |
org.springframework | Its source is in ONAP Portal SDK | Request exception |
vid |
org. |
owasp. |
esapi | Its source is in ONAP Portal SDK | Request exception |
vid | org. |
owasp. |
antisamy | Its source is in ONAP Portal SDK | Request exception |
vid | org.eclipse.jetty |
False positive
VID doesn't use the check function in Password.java file
Under investigation
|