#3110 Add 3 new CNAs + Update 1 CNA's info

Author: rroberge

src/assets/data/CNAsList.json

@@ -8460,16 +8460,16 @@
     "country": "Taiwan"
   },
   {
-    "shortName": "SNPS",
+    "shortName": "BlackDuck",
     "cnaID": "CNA-2021-0013",
-    "organizationName": "Synopsys",
-    "scope": "All Synopsys SIG products, as well as vulnerabilities in third-party software discovered by Synopsys SIG that are not in another CNA’s scope",
+    "organizationName": "Black Duck Software, Inc.",
+    "scope": "All Black Duck (formerly Synopsys Software Integrity Group) products, as well as vulnerabilities in third-party software discovered by Black Duck that are not in another CNA’s scope",
     "contact": [
       {
         "email": [
           {
             "label": "Email",
-            "emailAddr": "psirt@synopsys.com"
+            "emailAddr": "psirt@blackduck.com"
           }
         ],
         "contact": [],
@@ -8480,15 +8480,15 @@
       {
         "label": "Policy",
         "language": "",
-        "url": "https://www.synopsys.com/company/legal/vulnerability-disclosure-policy.html"
+        "url": "https://www.blackduck.com/company/legal/vulnerability-disclosure-policy.html"
       }
     ],
     "securityAdvisories": {
       "alerts": [],
       "advisories": [
         {
           "label": "Advisories",
-          "url": "https://www.synopsys.com/blogs/software-security/"
+          "url": "https://www.blackduck.com/blog/category.cyrc.html#1"
         }
       ]
     },
@@ -23535,5 +23535,173 @@
       ]
     },
     "country": "USA"
+  },
+  {
+    "shortName": "MyMMT",
+    "cnaID": "CNA-2024-0066",
+    "organizationName": "Mammotome",
+    "scope": "All Mammotome products",
+    "contact": [
+      {
+        "email": [],
+        "contact": [
+          {
+            "label": "Mammotome Report a Vulnerability page",
+            "url": "https://www.mammotome.com/us/en/legal/product-security/report-a-security-vulnerability"
+          }
+        ],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.mammotome.com/us/en/legal/product-security/product-security-overview"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://www.mammotome.com/us/en/legal/product-security/product-security-updates"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "icscert",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "CISA",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "USA"
+  },
+  {
+    "shortName": "wikimedia-foundation",
+    "cnaID": "CNA-2024-0067",
+    "organizationName": "The Wikimedia Foundation",
+    "scope": "Any code repository hosted under <a href='https://gerrit.wikimedia.org' target='_blank'>gerrit.wikimedia.org</a>, <a href='https://gitlab.wikimedia.org' target='_blank'>gitlab.wikimedia.org</a>, or <a href='https://github.com/wikimedia' target='_blank'>github.com/wikimedia</a> that is not labeled as archived or marked as a fork of an upstream project. Please see our <a href='https://www.mediawiki.org/wiki/Reporting_security_bugs' target='_blank'>disclosure policy</a> for additional exclusions to scope",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "[email protected]"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.mediawiki.org/wiki/Reporting_security_bugs"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://gitlab.wikimedia.org/repos/security/wikimedia-cve-assignments"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "n/a",
+        "organizationName": "n/a"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Open Source"
+      ]
+    },
+    "country": "USA"
+  },
+  {
+    "shortName": "RTI",
+    "cnaID": "CNA-2024-0068",
+    "organizationName": "Real-Time Innovations, Inc.",
+    "scope": "All RTI Connext products, including EOL products. See <a href='https://www.rti.com/products' target='_blank'>https://www.rti.com/products</a> for more information",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "[email protected]"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://community.rti.com/static/documentation/connext-dds/current/doc/vulnerabilities/#rti-s-approach-to-vulnerability-detection-and-management"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://community.rti.com/static/documentation/connext-dds/current/doc/vulnerabilities/#"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "n/a",
+        "organizationName": "n/a"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "USA"
   }
 ]

src/assets/data/metrics.json

@@ -1165,7 +1165,7 @@
         },
         {
           "month": "October",
-          "value": "TBA"
+          "value": "3"
         },
         {
           "month": "November",

src/assets/data/news.json

@@ -1,5 +1,68 @@
 {
   "currentNews": [
+    {
+      "id": 417,
+      "newsType": "news",
+      "title": "RTI Added as CVE Numbering Authority (CNA)",
+      "urlKeywords": "RTI Added as CNA",
+      "date": "2024-10-01",
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='/PartnerInformation/ListofPartners/partner/RTI'>Real-Time Innovations, Inc.</a> (RTI) is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for all RTI Connext products, including EOL products. See <a href='https://www.rti.com/products' target='_blank'>https://www.rti.com/products</a> for more information."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "To date, <a href='/PartnerInformation/ListofPartners'>411 CNAs</a> (409 CNAs and 2 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>40 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. RTI is the 223rd CNA from USA."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "RTI’s Root is the <a href='/PartnerInformation/ListofPartners/partner/mitre'>MITRE Top-Level Root</a>."
+        }
+      ]
+    },
+    {
+      "id": 416,
+      "newsType": "news",
+      "title": "Wikimedia Foundation Added as CVE Numbering Authority (CNA)",
+      "urlKeywords": "Wikimedia Foundation Added as CNA",
+      "date": "2024-10-01",
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='/PartnerInformation/ListofPartners/partner/wikimedia-foundation'>The Wikimedia Foundation</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for any code repository hosted under <a href='https://gerrit.wikimedia.org' target='_blank'>gerrit.wikimedia.org</a>, <a href='https://gitlab.wikimedia.org' target='_blank'>gitlab.wikimedia.org</a>, or <a href='https://github.com/wikimedia' target='_blank'>github.com/wikimedia</a> that is not labeled as archived or marked as a fork of an upstream project. Please see our <a href='https://www.mediawiki.org/wiki/Reporting_security_bugs' target='_blank'>disclosure policy</a> for additional exclusions to scope."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "To date, <a href='/PartnerInformation/ListofPartners'>410 CNAs</a> (408 CNAs and 2 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>40 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Wikimedia Foundation is the 222nd CNA from USA."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Wikimedia Foundation’s Root is the <a href='/PartnerInformation/ListofPartners/partner/mitre'>MITRE Top-Level Root</a>."
+        }
+      ]
+    },
+    {
+      "id": 415,
+      "newsType": "news",
+      "title": "Mammotome Added as CVE Numbering Authority (CNA)",
+      "urlKeywords": "Mammotome Added as CNA",
+      "date": "2024-10-01",
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='/PartnerInformation/ListofPartners/partner/MyMMT'>Mammotome</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for all Mammotome products."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "To date, <a href='/PartnerInformation/ListofPartners'>409 CNAs</a> (407 CNAs and 2 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>40 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Mammotome is the 221st CNA from USA."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Mammotome’s Root is the <a href='/PartnerInformation/ListofPartners/partner/icscert'>CISA ICS Root</a>."
+        }
+      ]
+    },
     {
       "id": 412,
       "newsType": "blog",