Skip to content

Content rjr 1875 #1889

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Apr 25, 2023
Merged

Content rjr 1875 #1889

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
746034c
Merge pull request #1880 from CVEProject/content-rjr-1876
slubar Apr 25, 2023
bfd951f
Merge pull request #1882 from CVEProject/content-rjr-1879
slubar Apr 25, 2023
ee4acc6
Merge pull request #1884 from CVEProject/content-rjr-1878
slubar Apr 25, 2023
a71a8b6
#1875 Add 2 new CNAs + Update 2 CNA's info
rroberge Apr 25, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
127 changes: 121 additions & 6 deletions src/assets/data/CNAsList.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5203,16 +5203,16 @@
"country": "USA"
},
{
"shortName": "microfocus",
"shortName": "OpenText",
"cnaID": "CNA-2014-0002",
"organizationName": "Micro Focus International",
"scope": "All Attachmate, Borland, Gwava, Micro Focus, NetIQ, Novell, and Serena products, as well as all former HP Enterprise software suites",
"organizationName": "OpenText (formerly Micro Focus)",
"scope": "All OpenText products (including Carbonite, Zix, Micro Focus, others)",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@microfocus.com"
"emailAddr": "security@opentext.com"
}
],
"contact": [],
Expand All @@ -5223,15 +5223,15 @@
{
"label": "Policy",
"language": "",
"url": "https://www.microfocus.com/security"
"url": "https://www.opentext.com/about/security-acknowledgements"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://portal.microfocus.com/s/customportalsearch?language=en_US"
"url": "https://knowledge.opentext.com/knowledge/llisapi.dll/open/alerts"
}
]
},
Expand Down Expand Up @@ -16430,5 +16430,120 @@
]
},
"country": "USA"
},
{
"shortName": "Ribose",
"cnaID": "CNA-2023-0023",
"organizationName": "Ribose Limited",
"scope": "All Ribose products and services, including open-source projects, supported products, and end-of-life/end-of-service products",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-coordination@ribose.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://open.ribose.com/cve-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://open.ribose.com/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Hosted Service",
"Open Source",
"Vendor"
]
},
"country": "UK"

},
{
"shortName": "42Gears",
"cnaID": "CNA-2023-0024",
"organizationName": "42Gears Mobility Systems Pvt Ltd",
"scope": "42Gears branded products and technologies only",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@42gears.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy (click on “Security Response Center”)",
"language": "",
"url": "https://www.42gears.com/security-and-compliance/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories (click on “Security Advisories”)",
"url": "https://www.42gears.com/security-and-compliance/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
]
},
"country": "India"
}
]
123 changes: 104 additions & 19 deletions src/assets/data/news.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,86 @@
{
"currentNews": [
{
"id": 200,
"newsType": "news",
"title": "42Gears Added as CVE Numbering Authority (CNA)",
"urlKeywords": "42Gears Added as CNA",
"date": "2023-04-25",
"description": [
{
"contentnewsType": "paragraph",
"content": "<a href='/PartnerInformation/ListofPartners/partner/42Gears'>42Gears Mobility Systems Pvt Ltd</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for 42Gears branded products and technologies only."
},
{
"contentnewsType": "paragraph",
"content": "To date, <a href='/PartnerInformation/ListofPartners'>287</a> organizations from <a href='/ProgramOrganization/CNAs'>36</a> countries have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities."
},
{
"contentnewsType": "paragraph",
"content": "42Gears’s Root is the <a href='/PartnerInformation/ListofPartners/partner/icscert'>CISA ICS Top-Level Root</a>."
}
]
},
{
"id": 200,
"newsType": "news",
"title": "Ribose Added as CVE Numbering Authority (CNA)",
"urlKeywords": "Ribose Added as CNA",
"date": "2023-04-25",
"description": [
{
"contentnewsType": "paragraph",
"content": "<a href='/PartnerInformation/ListofPartners/partner/Ribose'>Ribose Limited</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for all Ribose products and services, including open-source projects, supported products, and end-of-life/end-of-service products. Read the <a href='https://www.ribose.com/blog/2023/2023-04-24-ribose-authorized-as-cna-by-cve-program' target='_blank'>Ribose news release</a>."
},
{
"contentnewsType": "paragraph",
"content": "To date, <a href='/PartnerInformation/ListofPartners'>286</a> organizations from <a href='/ProgramOrganization/CNAs'>36</a> countries have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities."
},
{
"contentnewsType": "paragraph",
"content": "Ribose’s Root is the <a href='/PartnerInformation/ListofPartners/partner/mitre'>MITRE Top-Level Root</a>."
}
]
},
{
"id": 199,
"displayOnHomepageOrder": 2,
"newsType": "news",
"title": "CVE List Surpasses 200,000+ CVE Records",
"urlKeywords": "CVE List Surpasses 200,000+ CVE Records",
"date": "2023-04-25",
"description": [
{
"contentnewsType": "paragraph",
"content": "The CVE website now contains 200,895 <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a>, each of which identifies and defines a publicly disclosed cybersecurity <a href='/ResourcesSupport/Glossary?activeTerm=glossaryVulnerability'>vulnerability</a>. CVE, an international community effort, began in 1999 with just 321 common records on the <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEList'>CVE List</a>."
},
{
"contentnewsType": "paragraph",
"content": "CVE Records are published by organizations from around the world that have partnered with the CVE Program as a <a href='/ProgramOrganization/CNAs'>CVE Numbering Authority (CNA)</a>. CNAs <a href='/PartnerInformation/Partner#HowToBecomeAPartner'>join the program</a> from a variety of business sectors; there are minimal requirements, and there is no monetary fee or contract to sign. To date, <a href='/PartnerInformation/ListofPartners'>287</a> organizations from <a href='/ProgramOrganization/CNAs#CNAProgramGrowth'>36</a> countries have partnered with the CVE Program and are actively publishing CVE Records."
},
{
"contentnewsType": "paragraph",
"content": "Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities."
}
]
},
{
"id": 198,
"newsType": "news",
"title": "Minutes from CVE Board Teleconference Meeting on March 29 Now Available",
"urlKeywords": "CVE Board Minutes from March 29",
"date": "2023-04-25",
"description": [
{
"contentnewsType": "paragraph",
"content": "The <a href='/ProgramOrganization/Board'>CVE Board</a> held teleconference meeting on March 29, 2023. Read the <a href='https://cve.mitre.org/community/board/meeting_summaries/29_March_2023.pdf' target='_blank'>meeting minutes</a>."
},
{
"contentnewsType": "paragraph",
"content": "The CVE Board is the organization responsible for the strategic direction, governance, operational structure, policies, and rules of the CVE Program. The Board includes members from numerous cybersecurity-related organizations including commercial security tool vendors, academia, research institutions, government departments and agencies, and other prominent security experts, as well as end-users of vulnerability information."
}
]
},
{
"id": 197,
"newsType": "news",
Expand All @@ -9,7 +90,7 @@
"description": [
{
"contentnewsType": "paragraph",
"content": "<a href='/PartnerInformation/ListofPartners/partner/Halborn'>Halborn</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for all blockchain and Web3 products that rely on smart contracts written in Rust, Go, and Solidity, as well as blockchain associated Web2 and Web3 infrastructure not covered by another CNA."
"content": "<a href='/PartnerInformation/ListofPartners/partner/Halborn'>Halborn</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for all blockchain and Web3 products that rely on smart contracts written in Rust, Go, and Solidity, as well as blockchain associated Web2 and Web3 infrastructure not covered by another CNA. Read the <a href='https://www.accesswire.com/748114/Web3-Security-Firm-Halborn-Authorized-by-CVE-Program-as-a-CNA' target='_blank'>Halborn news release</a>."
},
{
"contentnewsType": "paragraph",
Expand Down Expand Up @@ -44,6 +125,7 @@
},
{
"id": 195,
"displayOnHomepageOrder": 1,
"newsType": "news",
"title": "CVE Program Booth at <i>RSA 2023</i> on April 25-27, 2023",
"urlKeywords": "CVE Booth at RSA 2023",
Expand Down Expand Up @@ -156,7 +238,6 @@
},
{
"id": 190,
"displayOnHomepageOrder": 1,
"newsType": "blog",
"title": "Now Available &mdash; CVE List Downloads in CVE JSON 5.0 Format",
"urlKeywords": "CVE Downloads in JSON 5 Format",
Expand Down Expand Up @@ -2192,7 +2273,7 @@
{
"id": 125,
"newsType": "blog",
"title": "CVE Records Are Now Displayed in CVE JSON 5.0 on this Website",
"title": "CVE Records Are Now Displayed in CVE JSON 5.0 on this Website (Updated)",
"date": "2022-10-06",
"author": {
"name": "CVE Program",
Expand All @@ -2202,33 +2283,37 @@
},
"title": "",
"bio": ""
},
},
"description": [
{
"contentnewsType": "paragraph",
"content": "The CVE Program has officially transitioned to the new format for <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a>&mdash;<a href='https://cveproject.github.io/automation-cve-services#json-overview' target='_blank'>CVE JSON 5.0</a>&mdash;on this beta cve.org website. Beginning today, CVE Records will be displayed in this new format. Use the CVE ID lookup at the top of this page to view records in the new format."
"contentnewsType": "paragraph",
"content": "The CVE Program has officially transitioned to the new format for <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a>&mdash;<a href='/AllResources/CveServices#cve-json-5'>CVE JSON 5.0</a>&mdash;on this beta cve.org website. Beginning today, CVE Records will be displayed in this new format. Use the CVE ID lookup at the top of this page to view records in the new format."
},
{
"contentnewsType": "paragraph",
"content": "CVE JSON 5.0 is a richer, more structured format for vulnerability identification and description. Learn more <a href='https://cveproject.github.io/automation-cve-services#json-overview' target='_blank'>here</a>."
},
"contentnewsType": "paragraph",
"content": "CVE JSON 5.0 is a richer, more structured format for vulnerability identification and description. Learn more <a href='/AllResources/CveServices#cve-json-5'>here</a>."
},
{
"contentnewsType": "paragraph",
"content": "During the CVE Program’s transition period from CVE JSON 4.0 to CVE JSON 5.0, CVE Records may still be viewed in CVE JSON 4.0 format on the <a href='https://github.com/CVEProject/cvelist' target='_blank'>CVE List GitHub pilot</a> website while the traditional CVE List download formats will continue to be available on the legacy <a href='https://cve.mitre.org' target='_blank'>cve.mitre.org</a> website. Downloads in CVE JSON 5.0 format will be introduced on this website in 2023. (See <a href='https://www.cve.org/Media/News/item/blog/2022/01/18/CVE-List-Download-Formats-Are'>CVE List Download Formats Are Changing (Updated)</a> for additional information.)"
"contentnewsType": "paragraph",
"content": "Downloads in CVE JSON 5.0 format are available now on the <a href='/Downloads'>Downloads</a> page."
},
{
"contentnewsType": "paragraph",
"contentnewsType": "paragraph",
"content": "During the transition, CVE Records may still be viewed in CVE JSON 4.0 format on the <a href='https://github.com/CVEProject/cvelist' target='_blank'>CVE List GitHub pilot</a> website (the CVE List GitHub pilot will be deprecated on June 30, 2023) while the traditional CVE List download formats will continue to be available on the legacy <a href='https://cve.mitre.org' target='_blank'>cve.mitre.org</a> website until those formats are deprecated on or before December 31, 2023. Learn more <a href='/Media/News/item/blog/2023/03/29/CVE-Downloads-in-JSON-5-Format'>here</a>."
},
{
"contentnewsType": "paragraph",
"content": "Please use the <a href='https://cveform.mitre.org/' target='_blank'>CVE Program Request forms</a> and select “Other” from the dropdown menu to contact us with any comments or concerns."
},
},
{
"contentnewsType": "paragraph",
"content": "<i>NOTE: This article was revised on November 1, 2022, to add a link to additional information about the downloads transition period.</i>"
"contentnewsType": "paragraph",
"content": "<i>NOTE: This article was revised on April 25, 2023, to update text and links to the most current information.</i>"
}
]
},
{
"id": 124,
"newsType": "news",
},
{
"id": 124,
"newsType": "news",
"title": "Dual Vipers Added as CVE Numbering Authority (CNA)",
"date": "2022-10-03",
"description": [
Expand Down
Loading