Status: Draft
1.1 Purpose
Clarity is required on the following aspects:
- The process that the projects will follow regarding analyzing the known vulnerabilities
- To address how a project can mark a known vulnerability as not impacting ONAP
- What oversight is required
- Address the case that the component used uses other components that have vulnerabilities.
- The polices in nexus IQ to make the vulnerability status more visible.
1.2 Known Vulnerability scanning
1.3 Nexus IQ policies