...
- The Linux Kernel process for reporting security issues
- The OpenDaylight vulnerability management process
- Recommendations for a minimal security response process
- The fd.io vulnerability management process
Vulnerability Management Process Overview
Vulnerability Management Process
The ONAP vulnerability management subcommittee (VMS) is responsible for coordinating the response to a reported vulnerability from initial reporting until coordinated disclosure.
...
A report can be received either as a ticket in Vulnerability Reporting Jira Project, email to onap-security@lists.onap.org or as a private encrypted email to one of the VMS members .
Steps that has to be completed depend on reception method:
...