Skip to content

Commit b718ecb

Browse files
rrobergerroberge
authored
#3259 Add 4 new CNAs + Update 1 CNA's info (#3264)
1 parent e0c53c5 commit b718ecb

File tree

3 files changed

+290
-3
lines changed

3 files changed

+290
-3
lines changed

src/assets/data/CNAsList.json

Lines changed: 226 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4297,15 +4297,15 @@
42974297
{
42984298
"label": "Policy",
42994299
"language": "",
4300-
"url": "https://www.johnsoncontrols.com/buildings/specialty-pages/product-security/vulnerability-reporting-and-disclosure"
4300+
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/response#CoordinatedDisclosure"
43014301
}
43024302
],
43034303
"securityAdvisories": {
43044304
"alerts": [],
43054305
"advisories": [
43064306
{
43074307
"label": "Advisories",
4308-
"url": "https://www.johnsoncontrols.com/buildings/specialty-pages/product-security/security-advisories"
4308+
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
43094309
}
43104310
]
43114311
},
@@ -24003,5 +24003,229 @@
2400324003
]
2400424004
},
2400524005
"country": "Sweden"
24006+
},
24007+
{
24008+
"shortName": "OnLogic",
24009+
"cnaID": "CNA-2024-0074",
24010+
"organizationName": "OnLogic",
24011+
"scope": "OnLogic issues only",
24012+
"contact": [
24013+
{
24014+
"email": [
24015+
{
24016+
"label": "Email",
24017+
"emailAddr": "[email protected]"
24018+
}
24019+
],
24020+
"contact": [],
24021+
"form": []
24022+
}
24023+
],
24024+
"disclosurePolicy": [
24025+
{
24026+
"label": "Policy",
24027+
"language": "",
24028+
"url": "https://storage.googleapis.com/ls-public-web-content/Security/STORM-Cybersecurity%20Policy-Vulnerability%20Disclosure.pdf"
24029+
}
24030+
],
24031+
"securityAdvisories": {
24032+
"alerts": [],
24033+
"advisories": [
24034+
{
24035+
"label": "Advisories",
24036+
"url": "https://support.onlogic.com/security-advisory/"
24037+
}
24038+
]
24039+
},
24040+
"resources": [],
24041+
"CNA": {
24042+
"isRoot": false,
24043+
"root": {
24044+
"shortName": "n/a",
24045+
"organizationName": "n/a"
24046+
},
24047+
"roles": [
24048+
{
24049+
"helpText": "",
24050+
"role": "CNA"
24051+
}
24052+
],
24053+
"TLR": {
24054+
"shortName": "mitre",
24055+
"organizationName": "MITRE Corporation"
24056+
},
24057+
"type": [
24058+
"Vendor"
24059+
]
24060+
},
24061+
"country": "USA"
24062+
},
24063+
{
24064+
"shortName": "OB",
24065+
"cnaID": "CNA-2024-0075",
24066+
"organizationName": "OceanBase",
24067+
"scope": "OceanBase products only, not including end-of-life components or products",
24068+
"contact": [
24069+
{
24070+
"email": [
24071+
{
24072+
"label": "Email",
24073+
"emailAddr": "[email protected]"
24074+
}
24075+
],
24076+
"contact": [],
24077+
"form": []
24078+
}
24079+
],
24080+
"disclosurePolicy": [
24081+
{
24082+
"label": "Policy",
24083+
"language": "",
24084+
"url": "https://en.oceanbase.com/security"
24085+
}
24086+
],
24087+
"securityAdvisories": {
24088+
"alerts": [],
24089+
"advisories": [
24090+
{
24091+
"label": "Advisories",
24092+
"url": "https://github.com/oceanbase/oceanbase/issues"
24093+
}
24094+
]
24095+
},
24096+
"resources": [],
24097+
"CNA": {
24098+
"isRoot": false,
24099+
"root": {
24100+
"shortName": "n/a",
24101+
"organizationName": "n/a"
24102+
},
24103+
"roles": [
24104+
{
24105+
"helpText": "",
24106+
"role": "CNA"
24107+
}
24108+
],
24109+
"TLR": {
24110+
"shortName": "mitre",
24111+
"organizationName": "MITRE Corporation"
24112+
},
24113+
"type": [
24114+
"Vendor"
24115+
]
24116+
},
24117+
"country": "China"
24118+
},
24119+
{
24120+
"shortName": "Gridware",
24121+
"cnaID": "CNA-2024-0076",
24122+
"organizationName": "Gridware Cybersecurity",
24123+
"scope": "Gridware software, services, and infrastructure issues, as well as vulnerabilities discovered by or reported to Gridware researchers that are not in another CNA’s scope",
24124+
"contact": [
24125+
{
24126+
"email": [
24127+
{
24128+
"label": "Email",
24129+
"emailAddr": "[email protected]"
24130+
}
24131+
],
24132+
"contact": [],
24133+
"form": []
24134+
}
24135+
],
24136+
"disclosurePolicy": [
24137+
{
24138+
"label": "Policy",
24139+
"language": "",
24140+
"url": "https://www.gridware.com.au/vulnerability-disclosure-policy/"
24141+
}
24142+
],
24143+
"securityAdvisories": {
24144+
"alerts": [],
24145+
"advisories": [
24146+
{
24147+
"label": "Advisories",
24148+
"url": "https://www.gridware.com.au/security-advisories/"
24149+
}
24150+
]
24151+
},
24152+
"resources": [],
24153+
"CNA": {
24154+
"isRoot": false,
24155+
"root": {
24156+
"shortName": "redhat",
24157+
"organizationName": "Red Hat, Inc."
24158+
},
24159+
"type": [
24160+
"Researcher"
24161+
],
24162+
"TLR": {
24163+
"shortName": "mitre",
24164+
"organizationName": "MITRE Corporation"
24165+
},
24166+
"roles": [
24167+
{
24168+
"helpText": "",
24169+
"role": "CNA"
24170+
}
24171+
]
24172+
},
24173+
"country": "Australia"
24174+
},
24175+
{
24176+
"shortName": "BECDX",
24177+
"cnaID": "CNA-2024-0077",
24178+
"organizationName": "Beckman Coulter Diagnostics",
24179+
"scope": "Beckman Coulter Diagnostics manufactured products and technologies only",
24180+
"contact": [
24181+
{
24182+
"email": [
24183+
{
24184+
"label": "Email",
24185+
"emailAddr": "[email protected]"
24186+
}
24187+
],
24188+
"contact": [],
24189+
"form": []
24190+
}
24191+
],
24192+
"disclosurePolicy": [
24193+
{
24194+
"label": "Policy",
24195+
"language": "",
24196+
"url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security"
24197+
}
24198+
],
24199+
"securityAdvisories": {
24200+
"alerts": [],
24201+
"advisories": [
24202+
{
24203+
"label": "Advisories",
24204+
"url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates"
24205+
}
24206+
]
24207+
},
24208+
"resources": [],
24209+
"CNA": {
24210+
"isRoot": false,
24211+
"root": {
24212+
"shortName": "icscert",
24213+
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
24214+
},
24215+
"roles": [
24216+
{
24217+
"helpText": "",
24218+
"role": "CNA"
24219+
}
24220+
],
24221+
"TLR": {
24222+
"shortName": "CISA",
24223+
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
24224+
},
24225+
"type": [
24226+
"Vendor"
24227+
]
24228+
},
24229+
"country": "USA"
2400624230
}
2400724231
]

src/assets/data/metrics.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1169,7 +1169,7 @@
11691169
},
11701170
{
11711171
"month": "November",
1172-
"value": "1"
1172+
"value": "5"
11731173
},
11741174
{
11751175
"month": "December",

src/assets/data/news.json

Lines changed: 63 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,68 @@
11
{
22
"currentNews": [
3+
{
4+
"id": 439,
5+
"newsType": "news",
6+
"title": "Beckman Coulter Diagnostics Added as CVE Numbering Authority (CNA)",
7+
"urlKeywords": "Beckman Coulter Diagnostics Added as CNA",
8+
"date": "2024-11-12",
9+
"description": [
10+
{
11+
"contentnewsType": "paragraph",
12+
"content": "<a href='/PartnerInformation/ListofPartners/partner/BECDX'>Beckman Coulter Diagnostics</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for Beckman Coulter Diagnostics manufactured products and technologies only."
13+
},
14+
{
15+
"contentnewsType": "paragraph",
16+
"content": "To date, <a href='/PartnerInformation/ListofPartners'>420 CNAs</a> (418 CNAs and 2 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>40 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Beckman Coulter Diagnostics is the 227th CNA from USA."
17+
},
18+
{
19+
"contentnewsType": "paragraph",
20+
"content": "Beckman Coulter Diagnostics’ Root is the <a href='/PartnerInformation/ListofPartners/partner/icscert'>Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS) Root</a>."
21+
}
22+
]
23+
},
24+
{
25+
"id": 438,
26+
"newsType": "news",
27+
"title": "Gridware Cybersecurity Added as CVE Numbering Authority (CNA)",
28+
"urlKeywords": "Gridware Cybersecurity Added as CNA",
29+
"date": "2024-11-12",
30+
"description": [
31+
{
32+
"contentnewsType": "paragraph",
33+
"content": "<a href='/PartnerInformation/ListofPartners/partner/Gridware'>Gridware Cybersecurity</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for Gridware software, services, and infrastructure issues, as well as vulnerabilities discovered by or reported to Gridware researchers that are not in another CNA’s scope."
34+
},
35+
{
36+
"contentnewsType": "paragraph",
37+
"content": "To date, <a href='/PartnerInformation/ListofPartners'>419 CNAs</a> (417 CNAs and 2 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>40 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Gridware is the 7th CNA from Australia."
38+
},
39+
{
40+
"contentnewsType": "paragraph",
41+
"content": "Gridware’s Root is the <a href='/PartnerInformation/ListofPartners/partner/redhat'>Red Hat Root</a>."
42+
}
43+
]
44+
},
45+
{
46+
"id": 437,
47+
"newsType": "news",
48+
"title": "OceanBase Added as CVE Numbering Authority (CNA)",
49+
"urlKeywords": "OceanBase Added as CNA",
50+
"date": "2024-11-12",
51+
"description": [
52+
{
53+
"contentnewsType": "paragraph",
54+
"content": "<a href='/PartnerInformation/ListofPartners/partner/OB'>OceanBase</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for OceanBase products only, not including end-of-life components or products."
55+
},
56+
{
57+
"contentnewsType": "paragraph",
58+
"content": "To date, <a href='/PartnerInformation/ListofPartners'>418 CNAs</a> (416 CNAs and 2 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>40 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. OceanBase is the 23rd CNA from China."
59+
},
60+
{
61+
"contentnewsType": "paragraph",
62+
"content": "OceanBase’s Root is the <a href='/PartnerInformation/ListofPartners/partner/mitre'>MITRE Top-Level Root</a>."
63+
}
64+
]
65+
},
366
{
467
"id": 436,
568
"newsType": "news",

0 commit comments

Comments
 (0)