Skip to content

Commit

Permalink
Merge pull request #2006 from CVEProject/content-rjr-1988
Browse files Browse the repository at this point in the history 
#1988 Add 2 new CNAs + Update 1 CNA scope
  • Loading branch information
@athu-tran
athu-tran authored Jun 13, 2023
2 parents 8545a00 + d4bbe3c commit bbc25dc
Show file tree
Hide file tree
Showing 3 changed files with 166 additions and 1 deletion.
125 changes: 124 additions & 1 deletion src/assets/data/CNAsList.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16153,7 +16153,7 @@
"shortName": "CyberDanube",
"cnaID": "CNA-2023-0018",
"organizationName": "CyberDanube",
"scope": "All CyberDanube products, as well as vulnerabilities in third-party hardware/software discovered by CyberDanube that are not in another CNA’s scope",
"scope": "All CyberDanube products, as well as vulnerabilities in third-party hardware/software discovered by CyberDanube or partners actively engaged in vulnerability research coordination, which are not within the scope of another CNA",
"contact": [
{
"email": [
Expand Down Expand Up @@ -17012,5 +17012,128 @@
]
},
"country": "UK"
},
{
"shortName": "NCSC-FI",
"cnaID": "CNA-2023-0033",
"organizationName": "National Cyber Security Centre Finland (NCSC-FI)",
"scope": "Vulnerabilities in software discovered by NCSC-FI, and vulnerabilities reported to NCSC-FI for coordinated disclosure, which are not in another CNA’s scope",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vulncoord@ncsc.fi"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy (Finnish)",
"language": "Finnish",
"url": "https://www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/haavoittuvuudet-miten-niista-ilmoitetaan-oikein"
},
{
"label": "Policy (English)",
"language": "English",
"url": "https://www.kyberturvallisuuskeskus.fi/en/our-services/situation-awareness-and-network-management/vulnerability-coordination"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories (Finnish)",
"url": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuudet"
},
{
"label": "Advisories (English)",
"url": "https://www.kyberturvallisuuskeskus.fi/en/haavoittuvuudet"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"CERT"
]
},
"country": "Finland"
},
{
"shortName": "samsung.tv_appliance",
"cnaID": "CNA-2023-0034",
"organizationName": "Samsung TV & Appliance",
"scope": "Samsung TV &amp; Appliance products, Samsung-owned open-source projects listed on <a href='https://github.com/Samsung/' target='_blank'>https://github.com/Samsung/</a>, as well as vulnerabilities in third-party software discovered by Samsung that are not in another CNA’s scope. Vulnerabilities affecting end-of-life/end-of-service products are in scope. The following categories of Samsung Products are in scope: Internet-connected home appliances, B2C product (smart TV, smart monitor, soundbar, and projector), and B2B products (digital signage, interactive display, and kiosk)",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "PSIRT@samsung.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://SecurityReport.samsung.com/#DisclosurePolicy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://SamsungTvBounty.com/securityUpdates"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source",
"Researcher",
"Vendor"
]
},
"country": "South Korea"
}
]
42 changes: 42 additions & 0 deletions src/assets/data/news.json
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,47 @@
{
"currentNews": [
{
"id": 216,
"newsType": "news",
"title": "Samsung TV &amp; Appliance Added as CVE Numbering Authority (CNA)",
"urlKeywords": "Samsung TV &amp; Appliance Added as CNA",
"date": "2023-06-13",
"description": [
{
"contentnewsType": "paragraph",
"content": "<a href='/PartnerInformation/ListofPartners/partner/samsung.tv_appliance'>Samsung TV &amp; Appliance</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for Samsung TV &amp; Appliance products, Samsung-owned open-source projects listed on <a href='https://github.com/Samsung/' target='_blank'>https://github.com/Samsung/</a>, as well as vulnerabilities in third-party software discovered by Samsung that are not in another CNA’s scope. Vulnerabilities affecting end-of-life/end-of-service products are in scope. The following categories of Samsung Products are in scope: Internet-connected home appliances, B2C products (smart TV, smart monitor, soundbar, and projector), and B2B products (digital signage, interactive display, and kiosk)."
},
{
"contentnewsType": "paragraph",
"content": "To date, <a href='/PartnerInformation/ListofPartners'>297</a> organizations from <a href='/ProgramOrganization/CNAs'>36</a> countries have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities."
},
{
"contentnewsType": "paragraph",
"content": "Samsung TV &amp; Appliance’s Root is the <a href='/PartnerInformation/ListofPartners/partner/mitre'>MITRE Top-Level Root</a>."
}
]
},
{
"id": 215,
"newsType": "news",
"title": "National Cyber Security Centre Finland (NCSC-FI) Added as CVE Numbering Authority (CNA)",
"urlKeywords": "NCSC-FI Added as CNA",
"date": "2023-06-13",
"description": [
{
"contentnewsType": "paragraph",
"content": "<a href='/PartnerInformation/ListofPartners/partner/NCSC-FI'>National Cyber Security Centre Finland (NCSC-FI)</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for vulnerabilities in software discovered by NCSC-FI, and vulnerabilities reported to NCSC-FI for coordinated disclosure, which are not in another CNA’s scope."
},
{
"contentnewsType": "paragraph",
"content": "To date, <a href='/PartnerInformation/ListofPartners'>296</a> organizations from <a href='/ProgramOrganization/CNAs'>36</a> countries have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities."
},
{
"contentnewsType": "paragraph",
"content": "NCSC-FI’s Root is the <a href='/PartnerInformation/ListofPartners/partner/mitre'>MITRE Top-Level Root</a>."
}
]
},
{
"id": 214,
"newsType": "news",
Expand Down
Binary file modified src/assets/images/cvePartnersMap.png
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.

0 comments on commit bbc25dc

Please sign in to comment.