Unmaintained repository. Development moved to: https://github.com/nordic-institute/X-Road-development
19
stars
8
forks
source link
As a Product Owner I want that potential vulnerabilities reported by OWASP Dependency Check tool are checked & fixed so that X-Road software is safe to use #209
Problem
Latest scanning result of OWASP Dependency Check tool did show some possible vulnerabilities. Scanning results must go through and see if there are things that are needing
actions (for example updating some components to latest sw version) or if the results are false positive.
Acceptance criteria
Scanning results of OWASP Dependency Check tool are checked through
False positive cases are marked
Needed actions to fix actual vulnerabilities are done (f.ex updated outdated components to latest sw version)
Affected components: - Affected documentation: - Estimated delivery: Q2 / 2018 External reference: https://jira.csc.fi/browse/PVAYLADEV-1091
Problem Latest scanning result of OWASP Dependency Check tool did show some possible vulnerabilities. Scanning results must go through and see if there are things that are needing actions (for example updating some components to latest sw version) or if the results are false positive.
Acceptance criteria