Merge pull request #3476 from CVEProject/int

2/25/25 Release: INT to TEST

Author: jdaigneau5

public/images/news/cveProgramReport/reservedCVEIDspublishedCVERecordsQuarterlyTrendQ4CY2024.png

@@ -1038,7 +1038,7 @@
   {
     "shortName": "brocade",
     "cnaID": "CNA-2016-0006",
-    "organizationName": "Brocade Communications Systems, LLC",
+    "organizationName": "Brocade Communications Systems LLC, a Broadcom Company",
     "scope": "Brocade products only.",
     "contact": [
       {
@@ -1056,7 +1056,7 @@
       {
         "label": "Policy",
         "language": "",
-        "url": "https://docs.broadcom.com/doc/brocade-security-vulnerabiltiy-disclosure.pdf"
+        "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21739"
       }
     ],
     "securityAdvisories": {
@@ -3778,7 +3778,7 @@
       {
         "label": "Policy",
         "language": "",
-        "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK107991A7713&LanguageCode=en&DocumentPartId=&Action=Launch"
+        "url": "https://publisher.hitachienergy.com/preview?DocumentID=9AKK107991A7713&LanguageCode=en&DocumentPartId=&Action=Launch"
       }
     ],
     "securityAdvisories": {
@@ -7065,17 +7065,21 @@
     "shortName": "redhat",
     "cnaID": "CNA-2005-0006",
     "organizationName": "Red Hat, Inc.",
-    "scope": "<strong>Root Scope:</strong> The Red Hat Root’s scope includes the open source community. Any open source organizations that prefer Red Hat as their Root; organizations are free to choose another Root if it suits them better.<br/><strong>CNA Scope:</strong> Vulnerabilities in open source projects affecting Red Hat software that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported Red Hat software.",
+    "scope": "<strong>Root Scope:</strong> The Red Hat Root’s scope includes the open source community. Any open source organizations that prefer Red Hat as their Root; organizations are free to choose another Root if it suits them better.<br/><strong>CNA-LR Scope:</strong> Vulnerabilities in software developed by a CNA within the Red Hat Root hierarchy.<br/><strong>CNA Scope:</strong> Vulnerabilities in open source projects affecting Red Hat software that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported Red Hat software.",
     "contact": [
       {
         "email": [
-          {
-            "label": "CNA contact email",
-            "emailAddr": "secalert@redhat.com"
-          },
           {
             "label": "Root contact email",
             "emailAddr": "RootCNA-Coordination@redhat.com"
+          },
+          {
+            "label": "CNA-LR contact email",
+            "emailAddr": "cnalr-coordination@redhat.com"
+          },
+          {
+            "label": "CNA contact email",
+            "emailAddr": "secalert@redhat.com"
           }
         ],
         "contact": [
@@ -7120,11 +7124,15 @@
       },
       "roles": [
         {
-          "helpText": "",
+          "helpText": "reports to MITRE Top-Level Root",
           "role": "Root"
         },
         {
-          "helpText": "",
+          "helpText": "reports to Red Hat Root",
+          "role": "CNA-LR"
+        },
+        {
+          "helpText": "reports to Red Hat Root",
           "role": "CNA"
         }
       ]
@@ -16463,7 +16471,7 @@
       {
         "label": "Policy",
         "language": "",
-        "url": "https://illumio.responsibledisclosure.com/hc/en-us"
+        "url": "https://www.illumio.com/legal/responsible-disclosure-policy"
       }
     ],
     "securityAdvisories": {
@@ -16527,7 +16535,7 @@
       "advisories": [
         {
           "label": "Advisories",
-          "url": "https://www.blacklanternsecurity.com/cves.html"
+          "url": "https://www.blacklanternsecurity.com/advisories/"
         }
       ]
     },
@@ -23864,7 +23872,7 @@
       {
         "label": "Policy",
         "language": "",
-        "url": "https://www.csa.gov.sg/Tips-Resource/Resources/singcert/singcert-vulnerability-disclosure-policy"
+        "url": "https://www.csa.gov.sg/resources/singcert/csa-as-a-cve-numbering-authority--cna-"
       }
     ],
     "securityAdvisories": {
@@ -25480,5 +25488,117 @@
       ]
     },
     "country": "Denmark"
+  },
+  {
+    "shortName": "Saviynt",
+    "cnaID": "CNA-2025-0011",
+    "organizationName": "Saviynt Inc.",
+    "scope": "Vulnerabilities discovered in Saviynt products or vulnerabilities reported to Saviynt Labs that are not in another CNA’s scope.",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "security@saviynt.com"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://saviynt.com/saviynt-responsible-disclosure-policy/"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://trust.saviynt.com/?itemName=environment_social_governance&source=click"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "n/a",
+        "organizationName": "n/a"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "USA"
+  },
+  {
+    "shortName": "CPANSec",
+    "cnaID": "CNA-2025-0012",
+    "organizationName": "CPAN Security Group",
+    "scope": "Vulnerabilities in Perl and CPAN Modules (including End-of-Life Perl versions) found at <a href='https://perl.org' target='_blank'>https://perl.org</a>, <a href='https://cpan.org' target='_blank'>https://cpan.org</a>, or <a href='https://metacpan.org/' target='_blank'>https://metacpan.org/</a>, excluding distributions of Perl or CPAN Modules maintained by third-party redistributors.",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "cve-request@security.metacpan.org"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://security.metacpan.org/docs/cna-disclosure-policy.html"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://lists.security.metacpan.org/cve-announce/"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "n/a",
+        "organizationName": "n/a"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Open Source"
+      ]
+    },
+    "country": "Canada"
   }
 ]

src/assets/data/CNAsList.json

@@ -1133,7 +1133,7 @@
         },
         {
           "month": "February",
-          "value": "7"
+          "value": "9"
         },
         {
           "month": "March",