Merge pull request #3145 from CVEProject/test

update main with Test

Author: athu-tran

src/assets/data/CNAsList.json

@@ -809,7 +809,7 @@
     "shortName": "Axis",
     "cnaID": "CNA-2021-0014",
     "organizationName": "Axis Communications AB",
-    "scope": "All products of Axis Communications AB including end-of-life/end-of-service products",
+    "scope": "All products of Axis Communications AB and 2N including end-of-life/end-of-service products",
     "contact": [
       {
         "email": [
@@ -2668,7 +2668,7 @@
     "shortName": "fedora",
     "cnaID": "CNA-2017-0021",
     "organizationName": "Fedora Project",
-    "scope": "Vulnerabilities in open-source projects affecting the Fedora Project, that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported releases by the Fedora Project",
+    "scope": "Vulnerabilities in open source projects affecting the Fedora Project, that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported releases by the Fedora Project",
     "contact": [
       {
         "email": [],
@@ -3817,7 +3817,7 @@
     "shortName": "hp",
     "cnaID": "CNA-2009-0003",
     "organizationName": "HP Inc.",
-    "scope": "HP Inc. issues only",
+    "scope": "Issues with any HP-branded product, including computing software and hardware, imaging and printing, as well as HyperX, Teradici, Poly, and Plantronics branded devices",
     "contact": [
       {
         "email": [
@@ -6806,7 +6806,7 @@
       "advisories": [
         {
           "label": "Advisories",
-          "url": "https://www.php.net/ChangeLog-7.php"
+          "url": "https://www.php.net/ChangeLog-8.php"
         }
       ]
     },
@@ -6837,7 +6837,7 @@
   {
     "shortName": "Perforce",
     "cnaID": "CNA-2016-0023",
-    "organizationName": "Perforce (formerly Puppet)",
+    "organizationName": "Perforce",
     "scope": "All Perforce products",
     "contact": [
       {
@@ -7065,7 +7065,7 @@
     "shortName": "redhat",
     "cnaID": "CNA-2005-0006",
     "organizationName": "Red Hat, Inc.",
-    "scope": "<strong>Root Scope:</strong> The Red Hat Root’s scope includes the open-source community. Any open-source organizations that prefer Red Hat as their Root; organizations are free to choose another Root if it suits them better<br/><strong>CNA Scope:</strong> Vulnerabilities in open-source projects affecting Red Hat software that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported Red Hat software",
+    "scope": "<strong>Root Scope:</strong> The Red Hat Root’s scope includes the open source community. Any open source organizations that prefer Red Hat as their Root; organizations are free to choose another Root if it suits them better<br/><strong>CNA Scope:</strong> Vulnerabilities in open source projects affecting Red Hat software that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported Red Hat software",
     "contact": [
       {
         "email": [
@@ -8929,23 +8929,40 @@
             "emailAddr": "[email protected]"
           }
         ],
-        "contact": [],
+        "contact": [
+          {
+            "label": "Report a Vulnerability (Turkish)",
+            "language": "Turkish",
+            "url": "https://www.usom.gov.tr/zafiyet"
+          },
+          {
+            "label": "Report a Vulnerability (English)",
+            "language": "English",
+            "url": "https://www.usom.gov.tr/en/vulnerability"
+          }
+        ],
         "form": []
       }
     ],
     "disclosurePolicy": [
       {
-        "label": "Policy",
-        "language": "",
-        "url": "https://www.usom.gov.tr/en"
+        "label": "Policy (Turkish)",
+        "language": "Turkish",
+        "url": "https://www.usom.gov.tr/zafiyet-bildirim-politikasi"
+      },
+      {
+        "label": "Policy (English)",
+        "language": "English",
+        "url": "https://www.usom.gov.tr/en/vulnerability-disclosure-policy"
       }
     ],
     "securityAdvisories": {
       "alerts": [],
       "advisories": [
         {
-          "label": "Advisories",
-          "url": "https://www.usom.gov.tr/tehdit.html"
+          "label": "Advisories (Turkish)",
+          "language": "Turkish",
+          "url": "https://www.usom.gov.tr/bildirim"
         }
       ]
     },
@@ -9102,7 +9119,7 @@
     "shortName": "Vaadin",
     "cnaID": "CNA-2021-0015",
     "organizationName": "Vaadin Ltd.",
-    "scope": "All Vaadin products and supported open-source projects hosted at <a href='https://github.com/vaadin' target='_blank'>https://github.com/vaadin</a>",
+    "scope": "All Vaadin products and supported open source projects hosted at <a href='https://github.com/vaadin' target='_blank'>https://github.com/vaadin</a>",
     "contact": [
       {
         "email": [
@@ -14699,7 +14716,7 @@
     "shortName": "Docker",
     "cnaID": "CNA-2022-0050",
     "organizationName": "Docker Inc.",
-    "scope": "All Docker products, including Docker Desktop and Docker Hub, as well as Docker maintained open-source projects",
+    "scope": "All Docker products, including Docker Desktop and Docker Hub, as well as Docker maintained open source projects",
     "contact": [
       {
         "email": [
@@ -14997,7 +15014,7 @@
     "shortName": "dotCMS",
     "cnaID": "CNA-2023-0001",
     "organizationName": "dotCMS LLC",
-    "scope": "All dotCMS product services including the vulnerabilities reported in our open-source core located at <a href='https://github.com/dotCMS/core' target='_blank'>https://github.com/dotCMS/core</a>",
+    "scope": "All dotCMS product services including the vulnerabilities reported in our open source core located at <a href='https://github.com/dotCMS/core' target='_blank'>https://github.com/dotCMS/core</a>",
     "contact": [
       {
         "email": [
@@ -15059,7 +15076,7 @@
     "shortName": "DHIS2",
     "cnaID": "CNA-2023-0002",
     "organizationName": "The HISP Centre at the University of Oslo",
-    "scope": "Security issues in <a href='https://github.com/dhis2' target='_blank'>DHIS2</a> open-source web and mobile software applications",
+    "scope": "Security issues in <a href='https://github.com/dhis2' target='_blank'>DHIS2</a> open source web and mobile software applications",
     "contact": [
       {
         "email": [
@@ -16251,7 +16268,7 @@
     "shortName": "Ribose",
     "cnaID": "CNA-2023-0023",
     "organizationName": "Ribose Limited",
-    "scope": "All Ribose products and services, including open-source projects, supported products, and end-of-life/end-of-service products",
+    "scope": "All Ribose products and services, including open source projects, supported products, and end-of-life/end-of-service products",
     "contact": [
       {
         "email": [
@@ -16533,7 +16550,7 @@
     "shortName": "IoT83",
     "cnaID": "CNA-2023-0028",
     "organizationName": "IoT83 Ltd",
-    "scope": "Vulnerabilities in IoT83 product(s), services, and components only. Third-party, open-source components used in IoT83 product(s), services, and components are not in scope",
+    "scope": "Vulnerabilities in IoT83 product(s), services, and components only. Third-party, open source components used in IoT83 product(s), services, and components are not in scope",
     "contact": [
       {
         "email": [
@@ -16899,7 +16916,7 @@
     "shortName": "samsung.tv_appliance",
     "cnaID": "CNA-2023-0034",
     "organizationName": "Samsung TV & Appliance",
-    "scope": "Samsung TV &amp; Appliance products, Samsung-owned open-source projects listed on <a href='https://github.com/Samsung/' target='_blank'>https://github.com/Samsung/</a>, as well as vulnerabilities in third-party software discovered by Samsung that are not in another CNA’s scope. Vulnerabilities affecting end-of-life/end-of-service products are in scope. The following categories of Samsung Products are in scope: Internet-connected home appliances, B2C product (smart TV, smart monitor, soundbar, and projector), and B2B products (digital signage, interactive display, and kiosk)",
+    "scope": "Samsung TV &amp; Appliance products, Samsung-owned open source projects listed on <a href='https://github.com/Samsung/' target='_blank'>https://github.com/Samsung/</a>, as well as vulnerabilities in third-party software discovered by Samsung that are not in another CNA’s scope. Vulnerabilities affecting end-of-life/end-of-service products are in scope. The following categories of Samsung Products are in scope: Internet-connected home appliances, B2C product (smart TV, smart monitor, soundbar, and projector), and B2B products (digital signage, interactive display, and kiosk)",
     "contact": [
       {
         "email": [
@@ -19436,7 +19453,7 @@
     "shortName": "Checkmarx",
     "cnaID": "CNA-2023-0078",
     "organizationName": "Checkmarx",
-    "scope": "Vulnerabilities in Checkmarx products and open-source vulnerabilities discovered by, or reported to, Checkmarx, that are not in another CNA’s scope",
+    "scope": "Vulnerabilities in Checkmarx products and open source vulnerabilities discovered by, or reported to, Checkmarx, that are not in another CNA’s scope",
     "contact": [
       {
         "email": [
@@ -19719,7 +19736,7 @@
     "shortName": "EDB",
     "cnaID": "CNA-2023-0083",
     "organizationName": "EnterpriseDB Corporation",
-    "scope": "All EnterpriseDB products and vulnerabilities identified in open-source libraries used by EnterpriseDB products unless covered by another CNA’s scope",
+    "scope": "All EnterpriseDB products and vulnerabilities identified in open source libraries used by EnterpriseDB products unless covered by another CNA’s scope",
     "contact": [
       {
         "email": [
@@ -23203,7 +23220,7 @@
     "shortName": "seal",
     "cnaID": "CNA-2024-0060",
     "organizationName": "Seal Security",
-    "scope": "Vulnerabilities in Seal products or services and vulnerabilities discovered in open-source libraries unless covered by the scope of another CNA",
+    "scope": "Vulnerabilities in Seal products or services and vulnerabilities discovered in open source libraries unless covered by the scope of another CNA",
     "contact": [
       {
         "email": [

src/assets/data/glossaryEntries.json

@@ -117,7 +117,7 @@
     "id": "glossarySupplier",
     "term": "Supplier",
     "termLink": "/ResourcesSupport/Glossary?activeTerm=glossarySupplier",
-    "definition": "The entity that develops, maintains, or provides a product regardless of whether the product is an open-source project or a proprietary product. A supplier is typically responsible for and capable of investigating vulnerability reports and developing fixes or mitigations for vulnerabilities. “Supplier” is used broadly and includes common terms such as vendor, producer, developer, maintainer, author, owner, manufacturer, and provider."
+    "definition": "The entity that develops, maintains, or provides a product regardless of whether the product is an open source project or a proprietary product. A supplier is typically responsible for and capable of investigating vulnerability reports and developing fixes or mitigations for vulnerabilities. “Supplier” is used broadly and includes common terms such as vendor, producer, developer, maintainer, author, owner, manufacturer, and provider."
   },
   {
     "id": "glossaryTags",

src/assets/data/metrics.json

@@ -789,11 +789,11 @@
       "data": [
         {
           "heading": "All CNAs",
-          "percentage": "81"
+          "percentage": "83"
         },
         {
           "heading": "CNA-LRs",
-          "percentage": "19"
+          "percentage": "17"
         }
       ]
     },