diff options
| author |   Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-06-04 02:05:05 +0200 |
|---|---|---|
| committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-06-04 02:05:05 +0200 |
| commit | 4fd0e98f62594198ba240265634a3302c3d257ef (patch) | |
| tree | 696ae0f8e34d6ca5a03555fbe2ce8db2da1b6a03 /docs | |
| parent | 482a0271686637111d98979a78181bd4d7891f64 (diff) | |
Document OJSI-88 (CVE-2019-12126) vulnerability
Issue-ID: OJSI-88
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Id2086207baf3ff3426fca92295bdf30b5efa4b73
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/release-notes.rst | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst index af38b75..6a5cb48 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -42,6 +42,7 @@ N/A *Known Security Issues* * In default deployment VNFSDK (refrepo) exposes HTTP port 30297 outside of cluster. [`OJSI-154 <https://jira.onap.org/browse/OJSI-154>`_] + * CVE-2019-12126 - demo-vnfsdk-vnfsdk exposes JDWP port 8000 on localhost which allows to gain root privileges inside the container [`OJSI-88 <https://jira.onap.org/browse/OJSI-88>`_] *Known Vulnerabilities in Used Modules* |