Skip to main content

Please report any security issues you find in the ONAP code base to:

Reports submitted to this address are distributed to highly trusted security experts in the ONAP community who will handle the processing and resolution of any reported security issues in confidence. In your report, please note how you would like to be credited for discovering the issue and the details of any embargo you would like to impose.

IMPORTANT: Only reports that are submitted against vulnerabilities in the ONAP code base itself will be accepted and replied to. It is NOT to be used for any issues related to general tools and infrastructure (DNS, email, web, etc.) used by the community.

For more details on our vulnerability management process and policies, please visit our wiki page.