+--------------+----------------------------------------------------+
| [CCSDK-441] | Spring 3 vulnerability CVE-2018-1270 |
+--------------+----------------------------------------------------+
+
**Known Issues**
The full list of known issues in CCSDK may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11341>
*Fixed Security Issues*
+ * In default deployment CCSDK (cds-ui) exposes HTTP port 30497 outside of cluster. [`OJSI-196 <https://jira.onap.org/browse/OJSI-196>`_]
+
*Known Security Issues*
* In default deployment CCSDK (netbox-nginx) exposes HTTP port 30420 outside of cluster. [`OJSI-160 <https://jira.onap.org/browse/OJSI-160>`_]
- * In default deployment CCSDK (cds-ui) exposes HTTP port 30497 outside of cluster. [`OJSI-196 <https://jira.onap.org/browse/OJSI-196>`_]
* In default deployment CCSDK (cds-blueprints-processor-http) exposes HTTP port 30499 outside of cluster. [`OJSI-197 <https://jira.onap.org/browse/OJSI-197>`_]
*Known Vulnerabilities in Used Modules*
Quick Links:
- - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
+ - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
- - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
+ - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
- - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=51282469>`_
+ - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=51282469>`_
Version 0.4.4/0.4.5
*Known Vulnerabilities in Used Modules*
Quick Links:
- - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
+ - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
- - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
+ - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
- - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=51282469>`_
+ - `Project Vulnerability Review Table for CCSDK Dublin <https://wiki.onap.org/pages/viewpage.action?pageId=51282469>`_
Version: 0.3.3
**************
- `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
- - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=45300857>`_
+ - `Project Vulnerability Review Table for CCSDK Casablanca Maintenance Release <https://wiki.onap.org/pages/viewpage.action?pageId=45300857>`_
Version: 0.3.2
**************
The full list of known issues in CCSDK may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11341>
Quick Links:
- - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
+ - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
- - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
+ - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
- - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=45300857>`_
+ - `Project Vulnerability Review Table for CCSDK Casablanca <https://wiki.onap.org/pages/viewpage.action?pageId=45300857>`_
Version: 0.2.4
**************
CCSDK code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The CCSDK open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28379011>`_.
Quick Links:
- - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
+ - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
- - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
+ - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
- - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=28379011>`_
+ - `Project Vulnerability Review Table for CCSDK Beijing <https://wiki.onap.org/pages/viewpage.action?pageId=28379011>`_
**Upgrade Notes**