diff --git a/.github/workflows/web-issue-triage.yml b/.github/workflows/web-issue-triage.yml
new file mode 100644
index 000000000..995346ee6
--- /dev/null
+++ b/.github/workflows/web-issue-triage.yml
@@ -0,0 +1,12 @@
+on:
+ issues:
+ types: [opened]
+jobs:
+ createCard:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Add New Issues to Backlog Board
+ uses: peter-evans/create-or-update-project-card@866533e2ae61f13c35fd1d374049713fab43c729 # current tag: v2
+ with:
+ project-name: Backlog Board
+ column-name: New Issues (Need to be Triaged)
\ No newline at end of file
diff --git a/src/assets/data/CNAsList.json b/src/assets/data/CNAsList.json
index 42f21fc4f..930aeeed4 100644
--- a/src/assets/data/CNAsList.json
+++ b/src/assets/data/CNAsList.json
@@ -3,7 +3,7 @@
"shortName": "adobe",
"cnaID": "CNA-2009-0001",
"organizationName": "Adobe Systems Incorporated",
- "scope": "Adobe issues only",
+ "scope": "Adobe issues only.",
"contact": [
{
"email": [
@@ -64,7 +64,7 @@
"shortName": "AMD",
"cnaID": "CNA-2020-0013",
"organizationName": "Advanced Micro Devices Inc.",
- "scope": "AMD branded products and technologies only",
+ "scope": "AMD branded products and technologies only.",
"contact": [
{
"email": [
@@ -120,7 +120,7 @@
"shortName": "airbus",
"cnaID": "CNA-2017-0026",
"organizationName": "Airbus",
- "scope": "All Airbus products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Airbus that are not in another CNA’s scope",
+ "scope": "All Airbus products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Airbus that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -177,7 +177,7 @@
"shortName": "Alias",
"cnaID": "CNA-2020-0004",
"organizationName": "Alias Robotics S.L.",
- "scope": "All Alias Robotics products, as well as vulnerabilities in third-party robots and robot components (software and hardware), as well as machine tool and machine tool components, discovered by Alias Robotics that are not in another CNA’s scope",
+ "scope": "All Alias Robotics products, as well as vulnerabilities in third-party robots and robot components (software and hardware), as well as machine tool and machine tool components, discovered by Alias Robotics that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -234,7 +234,7 @@
"shortName": "alibaba",
"cnaID": "CNA-2017-0024",
"organizationName": "Alibaba, Inc.",
- "scope": "Projects listed on its Alibaba GitHub website only",
+ "scope": "Projects listed on its Alibaba GitHub website only.",
"contact": [
{
"email": [
@@ -291,7 +291,7 @@
"shortName": "Ampere",
"cnaID": "CNA-2020-0006",
"organizationName": "Ampere Computing",
- "scope": "Ampere issues only",
+ "scope": "Ampere issues only.",
"contact": [
{
"email": [
@@ -347,7 +347,7 @@
"shortName": "google_android",
"cnaID": "CNA-2011-0002",
"organizationName": "Android (associated with Google Inc. or Open Handset Alliance)",
- "scope": "Android issues, as well as vulnerabilities in third-party software discovered by Android that are not in another CNA’s scope",
+ "scope": "Android issues, as well as vulnerabilities in third-party software discovered by Android that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -405,7 +405,7 @@
"shortName": "apache",
"cnaID": "CNA-2016-0004",
"organizationName": "Apache Software Foundation",
- "scope": "All Apache Software Foundation issues only",
+ "scope": "All Apache Software Foundation issues only.",
"contact": [
{
"email": [
@@ -467,7 +467,7 @@
"shortName": "apple",
"cnaID": "CNA-2009-0002",
"organizationName": "Apple Inc.",
- "scope": "Apple issues only",
+ "scope": "Apple issues only.",
"contact": [
{
"email": [
@@ -528,7 +528,7 @@
"shortName": "Arista",
"cnaID": "CNA-2021-0008",
"organizationName": "Arista Networks, Inc.",
- "scope": "All Arista products only",
+ "scope": "All Arista products only.",
"contact": [
{
"email": [
@@ -584,7 +584,7 @@
"shortName": "ABB",
"cnaID": "CNA-2019-0013",
"organizationName": "Asea Brown Boveri Ltd. (ABB)",
- "scope": "ABB issues only",
+ "scope": "ABB issues only.",
"contact": [
{
"email": [
@@ -640,7 +640,7 @@
"shortName": "atlassian",
"cnaID": "CNA-2017-0015",
"organizationName": "Atlassian",
- "scope": "All Atlassian products, as well as Atlassian-maintained projects hosted on https://bitbucket.org/ and https://github.com/atlassian/",
+ "scope": "All Atlassian products, as well as Atlassian-maintained projects hosted on https://bitbucket.org/ and https://github.com/atlassian/.",
"contact": [
{
"email": [
@@ -697,7 +697,7 @@
"shortName": "autodesk",
"cnaID": "CNA-2017-0025",
"organizationName": "Autodesk",
- "scope": "All currently supported Autodesk Applications and Cloud Services",
+ "scope": "All currently supported Autodesk Applications and Cloud Services.",
"contact": [
{
"email": [
@@ -753,7 +753,7 @@
"shortName": "avaya",
"cnaID": "CNA-2018-0008",
"organizationName": "Avaya, Inc.",
- "scope": "All Avaya Generally Available (GA) products that are not in another CNA’s scope. A CVE ID will not be issued for End of Manufacturing Support (EoMS) products/versions",
+ "scope": "All Avaya Generally Available (GA) products that are not in another CNA’s scope. A CVE ID will not be issued for End of Manufacturing Support (EoMS) products/versions.",
"contact": [
{
"email": [
@@ -809,7 +809,7 @@
"shortName": "Axis",
"cnaID": "CNA-2021-0014",
"organizationName": "Axis Communications AB",
- "scope": "All products of Axis Communications AB and 2N including end-of-life/end-of-service products",
+ "scope": "All products of Axis Communications AB and 2N including end-of-life/end-of-service products.",
"contact": [
{
"email": [
@@ -865,7 +865,7 @@
"shortName": "BD",
"cnaID": "CNA-2021-0021",
"organizationName": "Becton, Dickinson and Company (BD)",
- "scope": "BD software-enabled medical devices only",
+ "scope": "BD software-enabled medical devices only.",
"contact": [
{
"email": [
@@ -921,7 +921,7 @@
"shortName": "Bitdefender",
"cnaID": "CNA-2019-0008",
"organizationName": "Bitdefender",
- "scope": "All Bitdefender products, as well as vulnerabilities in third-party software discovered by Bitdefender that are not in another CNA’s scope",
+ "scope": "All Bitdefender products, as well as vulnerabilities in third-party software discovered by Bitdefender that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -978,7 +978,7 @@
"shortName": "blackberry",
"cnaID": "CNA-2014-0001",
"organizationName": "BlackBerry",
- "scope": "All BlackBerry products identified on https://www.blackberry.com/us/en",
+ "scope": "All BlackBerry products identified on https://www.blackberry.com/us/en.",
"contact": [
{
"email": [
@@ -1039,7 +1039,7 @@
"shortName": "brocade",
"cnaID": "CNA-2016-0006",
"organizationName": "Brocade Communications Systems, LLC",
- "scope": "Brocade products only",
+ "scope": "Brocade products only.",
"contact": [
{
"email": [
@@ -1095,7 +1095,7 @@
"shortName": "canonical",
"cnaID": "CNA-2005-0001",
"organizationName": "Canonical Ltd.",
- "scope": "All Canonical issues (including Ubuntu Linux) only",
+ "scope": "All Canonical issues (including Ubuntu Linux) only.",
"contact": [
{
"email": [
@@ -1157,13 +1157,13 @@
"shortName": "ca",
"cnaID": "CNA-2017-0013",
"organizationName": "CA Technologies - A Broadcom Company",
- "scope": "CA Technologies issues only",
+ "scope": "CA Technologies issues only. Note that Broadcom PSIRT handles all CA issues.",
"contact": [
{
"email": [
{
"label": "Email",
- "emailAddr": "ca.psirt@broadcom.com"
+ "emailAddr": "PSIRT@broadcom.com"
}
],
"contact": [],
@@ -1174,7 +1174,7 @@
{
"label": "Policy",
"language": "",
- "url": "https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/contact-information-for-ca-product-vulnerability-response-team.html"
+ "url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"securityAdvisories": {
@@ -1217,7 +1217,7 @@
"shortName": "certcc",
"cnaID": "CNA-2005-0002",
"organizationName": "CERT/CC",
- "scope": "Vulnerability assignment related to its vulnerability coordination role",
+ "scope": "Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
@@ -1334,7 +1334,7 @@
"shortName": "checkpoint",
"cnaID": "CNA-2016-0008",
"organizationName": "Check Point Software Ltd.",
- "scope": "Check Point Security Gateways product line only, and any vulnerabilities discovered by Check Point that are not in another CNA’s scope",
+ "scope": "Check Point Security Gateways product line only, and any vulnerabilities discovered by Check Point that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -1391,7 +1391,7 @@
"shortName": "Chrome",
"cnaID": "CNA-2011-0003",
"organizationName": "Chrome",
- "scope": "Chrome issues and projects that are not in another CNA’s scope",
+ "scope": "Chrome issues and projects that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -1449,7 +1449,7 @@
"shortName": "cisco",
"cnaID": "CNA-2007-0001",
"organizationName": "Cisco Systems, Inc.",
- "scope": "All Cisco products, and any third-party research targets that are not in another CNA’s scope. Cisco will not issue a CVE ID for issues reported on products that are past the Last Day of Support milestone, as defined on Cisco’s End-of-Life Policy, which is available at https://www.cisco.com/c/en/us/products/eos-eol-policy.html",
+ "scope": "All Cisco products, and any third-party research targets that are not in another CNA’s scope. Cisco will not issue a CVE ID for issues reported on products that are past the Last Day of Support milestone, as defined on Cisco’s End-of-Life Policy, which is available at https://www.cisco.com/c/en/us/products/eos-eol-policy.html.",
"contact": [
{
"email": [
@@ -1512,7 +1512,7 @@
"shortName": "cloudflare",
"cnaID": "CNA-2018-0003",
"organizationName": "Cloudflare, Inc.",
- "scope": "All Cloudflare products, projects hosted at https://github.com/cloudflare/, and any vulnerabilities discovered by Cloudflare that are not in another CNA’s scope",
+ "scope": "All Cloudflare products, projects hosted at https://github.com/cloudflare/, and any vulnerabilities discovered by Cloudflare that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -1568,7 +1568,7 @@
"shortName": "Crafter_CMS",
"cnaID": "CNA-2020-0030",
"organizationName": "Crafter CMS",
- "scope": "Crafter CMS issues only",
+ "scope": "Crafter CMS issues only.",
"contact": [
{
"email": [
@@ -1625,7 +1625,7 @@
"shortName": "Cybellum",
"cnaID": "CNA-2020-0001",
"organizationName": "Cybellum Technologies LTD",
- "scope": "All Cybellum products, as well as vulnerabilities in third-party software discovered by Cybellum that are not in another CNA’s scope",
+ "scope": "All Cybellum products, as well as vulnerabilities in third-party software discovered by Cybellum that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -1681,7 +1681,7 @@
"shortName": "icscert",
"cnaID": "CNA-2012-0001",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)",
- "scope": "Vulnerabilities that are (1) reported to or observed by CISA, (2) affect industrial control systems or medical devices, and (3) are not covered by another CNA’s scope",
+ "scope": "Vulnerabilities that are (1) reported to or observed by CISA, (2) affect industrial control systems or medical devices, and (3) are not covered by another CNA’s scope.",
"contact": [
{
"email": [],
@@ -1745,7 +1745,7 @@
"shortName": "CSW",
"cnaID": "CNA-2020-0034",
"organizationName": "Cyber Security Works Pvt. Ltd.",
- "scope": "Vulnerabilities in third-party software discovered by CSW that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in third-party software discovered by CSW that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -1801,7 +1801,7 @@
"shortName": "dahua",
"cnaID": "CNA-2017-0014",
"organizationName": "Dahua Technologies",
- "scope": "Dahua consumer Internet of Things (IoT) products, excludes End-of-Life products",
+ "scope": "Dahua consumer Internet of Things (IoT) products, excludes End-of-Life products.",
"contact": [
{
"email": [
@@ -1857,7 +1857,7 @@
"shortName": "debian",
"cnaID": "CNA-2005-0003",
"organizationName": "Debian GNU/Linux",
- "scope": "Debian issues only",
+ "scope": "Debian issues only.",
"contact": [
{
"email": [
@@ -1914,7 +1914,7 @@
"shortName": "DeepSurface",
"cnaID": "CNA-2021-0010",
"organizationName": "DeepSurface Security, Inc.",
- "scope": "All DeepSurface products, as well as vulnerabilities in third-party software discovered by DeepSurface that are not in another CNA’s scope",
+ "scope": "All DeepSurface products, as well as vulnerabilities in third-party software discovered by DeepSurface that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -1971,7 +1971,7 @@
"shortName": "dell",
"cnaID": "CNA-2011-0004",
"organizationName": "Dell",
- "scope": "Dell, Dell EMC, and VCE issues only",
+ "scope": "Dell, Dell EMC, and VCE issues only.",
"contact": [
{
"email": [
@@ -2027,7 +2027,7 @@
"shortName": "DEVOLUTIONS",
"cnaID": "CNA-2021-0031",
"organizationName": "Devolutions Inc.",
- "scope": "Remote Desktop Manager and Devolutions Server products",
+ "scope": "Remote Desktop Manager and Devolutions Server products.",
"contact": [
{
"email": [
@@ -2084,7 +2084,7 @@
"shortName": "Document_Fdn.",
"cnaID": "CNA-2019-0002",
"organizationName": "Document Foundation, The",
- "scope": "Projects within The Document Foundation only, e.g., LibreOffice, LibreOffice Online; The Document Foundation discourages reporting denial of service bugs as security issues",
+ "scope": "Projects within The Document Foundation only, e.g., LibreOffice, LibreOffice Online; The Document Foundation discourages reporting denial of service bugs as security issues.",
"contact": [
{
"email": [
@@ -2141,7 +2141,7 @@
"shortName": "drupal",
"cnaID": "CNA-2017-0002",
"organizationName": "Drupal.org",
- "scope": "All projects hosted under drupal.org, including End of Life (EOL) code",
+ "scope": "All projects hosted under drupal.org, including End of Life (EOL) code.",
"contact": [
{
"email": [
@@ -2198,7 +2198,7 @@
"shortName": "Eaton",
"cnaID": "CNA-2019-0014",
"organizationName": "Eaton",
- "scope": "Eaton issues only",
+ "scope": "Eaton issues only.",
"contact": [
{
"email": [
@@ -2254,7 +2254,7 @@
"shortName": "eclipse",
"cnaID": "CNA-2017-0008",
"organizationName": "Eclipse Foundation",
- "scope": "All projects hosted by the Eclipse Foundation as listed at https://www.eclipse.org/projects/ and services provided by the Eclipse Foundation to support open source projects as listed at https://www.eclipsestatus.io/",
+ "scope": "All projects hosted by the Eclipse Foundation as listed at https://www.eclipse.org/projects/ and services provided by the Eclipse Foundation to support open source projects as listed at https://www.eclipsestatus.io/.",
"contact": [
{
"email": [
@@ -2311,7 +2311,7 @@
"shortName": "elastic",
"cnaID": "CNA-2017-0011",
"organizationName": "Elastic",
- "scope": "Elasticsearch, Kibana, Beats, Logstash, X-Pack, and Elastic Cloud Enterprise products only",
+ "scope": "Elasticsearch, Kibana, Beats, Logstash, X-Pack, and Elastic Cloud Enterprise products only.",
"contact": [
{
"email": [
@@ -2367,7 +2367,7 @@
"shortName": "EA",
"cnaID": "CNA-2020-0027",
"organizationName": "Electronic Arts, Inc.",
- "scope": "EA issues only",
+ "scope": "EA issues only.",
"contact": [
{
"email": [
@@ -2423,7 +2423,7 @@
"shortName": "Esri",
"cnaID": "CNA-2021-0011",
"organizationName": "Environmental Systems Research Institute, Inc.",
- "scope": "All Esri products only",
+ "scope": "All Esri products only.",
"contact": [
{
"email": [
@@ -2479,7 +2479,7 @@
"shortName": "ESET",
"cnaID": "CNA-2021-0029",
"organizationName": "ESET, spol. s r.o.",
- "scope": "All ESET products only and vulnerabilities discovered by ESET that are not covered by another CNA’s scope",
+ "scope": "All ESET products only and vulnerabilities discovered by ESET that are not covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -2553,7 +2553,7 @@
"shortName": "F5",
"cnaID": "CNA-2016-0009",
"organizationName": "F5, Inc.",
- "scope": "All F5 products and services, commercial and open source, which have not yet reached End of Technical Support (EoTS). All legacy acquisition products and brands including, but not limited to, NGINX, Shape Security, Volterra, and Threat Stack. F5 does not issue CVEs for products which are no longer supported",
+ "scope": "All F5 products and services, commercial and open source, which have not yet reached End of Technical Support (EoTS). All legacy acquisition products and brands including, but not limited to, NGINX, Shape Security, Volterra, and Threat Stack. F5 does not issue CVEs for products which are no longer supported.",
"contact": [
{
"email": [
@@ -2610,7 +2610,7 @@
"shortName": "Meta",
"cnaID": "CNA-2018-0001",
"organizationName": "Meta Platforms, Inc.",
- "scope": "Meta-supported open source projects, mobile apps, and other software, as well as vulnerabilities in third-party software discovered by Meta that are not in another CNA’s scope; see: https://www.facebook.com/whitehat and https://github.com/facebook/",
+ "scope": "Meta-supported open source projects, mobile apps, and other software, as well as vulnerabilities in third-party software discovered by Meta that are not in another CNA’s scope; see: https://www.facebook.com/whitehat and https://github.com/facebook/.",
"contact": [
{
"email": [],
@@ -2668,7 +2668,7 @@
"shortName": "fedora",
"cnaID": "CNA-2017-0021",
"organizationName": "Fedora Project",
- "scope": "Vulnerabilities in open source projects affecting the Fedora Project, that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported releases by the Fedora Project",
+ "scope": "Vulnerabilities in open source projects affecting the Fedora Project, that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported releases by the Fedora Project.",
"contact": [
{
"email": [],
@@ -2725,7 +2725,7 @@
"shortName": "Fidelis",
"cnaID": "CNA-2021-0026",
"organizationName": "Fidelis Cybersecurity, Inc.",
- "scope": "Fidelis issues only",
+ "scope": "Fidelis issues only.",
"contact": [
{
"email": [
@@ -2781,7 +2781,7 @@
"shortName": "flexera",
"cnaID": "CNA-2017-0004",
"organizationName": "Flexera Software LLC",
- "scope": "All Flexera products, and vulnerabilities discovered by Secunia Research that are not in another CNA’s scope",
+ "scope": "All Flexera products, and vulnerabilities discovered by Secunia Research that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -2839,7 +2839,7 @@
"shortName": "floragunn",
"cnaID": "CNA-2019-0005",
"organizationName": "floragunn GmbH",
- "scope": "All issues related to Search Guard only",
+ "scope": "All issues related to Search Guard only.",
"contact": [
{
"email": [
@@ -2896,7 +2896,7 @@
"shortName": "Fluid_Attacks",
"cnaID": "CNA-2021-0020",
"organizationName": "Fluid Attacks",
- "scope": "Vulnerabilities in third-party software discovered by Fluid Attacks that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in third-party software discovered by Fluid Attacks that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -2952,7 +2952,7 @@
"shortName": "forcepoint",
"cnaID": "CNA-2017-0033",
"organizationName": "Forcepoint",
- "scope": "Forcepoint products only",
+ "scope": "Forcepoint products only.",
"contact": [
{
"email": [
@@ -3013,7 +3013,7 @@
"shortName": "fortinet",
"cnaID": "CNA-2016-0010",
"organizationName": "Fortinet, Inc.",
- "scope": "Fortinet issues only",
+ "scope": "Fortinet issues only.",
"contact": [
{
"email": [],
@@ -3069,7 +3069,7 @@
"shortName": "FSOFT",
"cnaID": "CNA-2021-0032",
"organizationName": "FPT Software Co., Ltd.",
- "scope": "All products and services developed and operated by FPT Software, as well as vulnerabilities in third-party software discovered by FPT Software that are not in another CNA’s scope",
+ "scope": "All products and services developed and operated by FPT Software, as well as vulnerabilities in third-party software discovered by FPT Software that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -3126,7 +3126,7 @@
"shortName": "freebsd",
"cnaID": "CNA-2005-0004",
"organizationName": "FreeBSD",
- "scope": "Primarily FreeBSD issues only",
+ "scope": "Primarily FreeBSD issues only.",
"contact": [
{
"email": [
@@ -3183,7 +3183,7 @@
"shortName": "Gallagher",
"cnaID": "CNA-2020-0024",
"organizationName": "Gallagher Group Ltd.",
- "scope": "All Gallagher security products only",
+ "scope": "All Gallagher security products only.",
"contact": [
{
"email": [
@@ -3239,7 +3239,7 @@
"shortName": "GitHub_M",
"cnaID": "CNA-2019-0009",
"organizationName": "GitHub, Inc.",
- "scope": "CVEs requested by code owners using the GitHub Security Advisories feature and vulnerabilities affecting open source projects discovered by security researchers at GitHub or Microsoft not covered by another CNA’s scope",
+ "scope": "CVEs requested by code owners using the GitHub Security Advisories feature and vulnerabilities affecting open source projects discovered by security researchers at GitHub or Microsoft not covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -3297,7 +3297,7 @@
"shortName": "GitHub_P",
"cnaID": "CNA-2020-0007",
"organizationName": "GitHub, Inc. (Products Only)",
- "scope": "GitHub Enterprise Server issues only",
+ "scope": "GitHub Enterprise Server issues only.",
"contact": [
{
"email": [
@@ -3353,7 +3353,7 @@
"shortName": "GitLab",
"cnaID": "CNA-2020-0018",
"organizationName": "GitLab Inc.",
- "scope": "The GitLab application, any project hosted on GitLab.com in a public repository, and any vulnerabilities discovered by GitLab that are not in another CNA’s scope",
+ "scope": "The GitLab application, any project hosted on GitLab.com in a public repository, and any vulnerabilities discovered by GitLab that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -3410,7 +3410,7 @@
"shortName": "Google",
"cnaID": "CNA-2020-0005",
"organizationName": "Google LLC",
- "scope": "Root Scope: Alphabet organizations CNA Scope: Google products, including open source software published and maintained by Google, and vulnerabilities in third-party software discovered by Google that are not in another CNA’s scope",
+ "scope": "Root Scope: Alphabet organizations. CNA Scope: Google products, including open source software published and maintained by Google, and vulnerabilities in third-party software discovered by Google that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -3480,7 +3480,7 @@
"shortName": "GSMC",
"cnaID": "CNA-2021-0019",
"organizationName": "GS McNamara LLC",
- "scope": "GS McNamara LLC products and services, including the Floodspark portfolio, and any vulnerabilities discovered in components or projects that we are researching or coordinating that are not in another CNA’s scope",
+ "scope": "GS McNamara LLC products and services, including the Floodspark portfolio, and any vulnerabilities discovered in components or projects that we are researching or coordinating that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -3537,7 +3537,7 @@
"shortName": "hackerone",
"cnaID": "CNA-2016-0011",
"organizationName": "HackerOne",
- "scope": "Provides CVE IDs for its customers as part of its bug bounty and vulnerability coordination platform",
+ "scope": "Provides CVE IDs for its customers as part of its bug bounty and vulnerability coordination platform.",
"contact": [
{
"email": [],
@@ -3593,7 +3593,7 @@
"shortName": "hikvision",
"cnaID": "CNA-2018-0002",
"organizationName": "Hangzhou Hikvision Digital Technology Co., Ltd.",
- "scope": "All Hikvision Internet of Things (IoT) products including cameras and digital video recorders (DVRs)",
+ "scope": "All Hikvision Internet of Things (IoT) products including cameras and digital video recorders (DVRs).",
"contact": [
{
"email": [
@@ -3649,7 +3649,7 @@
"shortName": "HCL",
"cnaID": "CNA-2019-0010",
"organizationName": "HCL Software",
- "scope": "All HCL products only",
+ "scope": "All HCL products only.",
"contact": [
{
"email": [
@@ -3705,7 +3705,7 @@
"shortName": "hpe",
"cnaID": "CNA-2016-0003",
"organizationName": "Hewlett Packard Enterprise (HPE)",
- "scope": "HPE issues only",
+ "scope": "HPE issues only.",
"contact": [
{
"email": [
@@ -3761,7 +3761,7 @@
"shortName": "Hitachi_Energy",
"cnaID": "CNA-2021-0028",
"organizationName": "Hitachi Energy",
- "scope": "Hitachi Energy products only",
+ "scope": "Hitachi Energy products only.",
"contact": [
{
"email": [
@@ -3817,7 +3817,7 @@
"shortName": "hp",
"cnaID": "CNA-2009-0003",
"organizationName": "HP Inc.",
- "scope": "Issues with any HP-branded product, including computing software and hardware, imaging and printing, as well as HyperX, Teradici, Poly, and Plantronics branded devices",
+ "scope": "Issues with any HP-branded product, including computing software and hardware, imaging and printing, as well as HyperX, Teradici, Poly, and Plantronics branded devices.",
"contact": [
{
"email": [
@@ -3873,7 +3873,7 @@
"shortName": "huawei",
"cnaID": "CNA-2016-0012",
"organizationName": "Huawei Technologies",
- "scope": "Huawei issues only",
+ "scope": "Huawei issues only.",
"contact": [
{
"email": [
@@ -3934,7 +3934,7 @@
"shortName": "@huntr_ai",
"cnaID": "CNA-2021-0018",
"organizationName": "Protect AI (formerly huntr.dev)",
- "scope": "Vulnerabilities in Protect AI products, third-party code vulnerabilities reported by researchers collaborating with huntr and vulnerabilities discovered by, or reported to, Protect AI that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in Protect AI products, third-party code vulnerabilities reported by researchers collaborating with huntr and vulnerabilities discovered by, or reported to, Protect AI that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -3992,7 +3992,7 @@
"shortName": "ibm",
"cnaID": "CNA-2011-0007",
"organizationName": "IBM Corporation",
- "scope": "All IBM branded products (IBM will confirm support status and notify researcher)",
+ "scope": "All IBM branded products (IBM will confirm support status and notify researcher).",
"contact": [
{
"email": [
@@ -4049,7 +4049,7 @@
"shortName": "intel",
"cnaID": "CNA-2016-0005",
"organizationName": "Intel Corporation",
- "scope": "Intel branded products and technologies and Intel managed open source projects",
+ "scope": "Intel branded products and technologies and Intel managed open source projects.",
"contact": [
{
"email": [
@@ -4111,7 +4111,7 @@
"shortName": "isc",
"cnaID": "CNA-2016-0020",
"organizationName": "Internet Systems Consortium (ISC)",
- "scope": "All ISC.org projects",
+ "scope": "All ISC.org projects.",
"contact": [
{
"email": [
@@ -4168,7 +4168,7 @@
"shortName": "INCD",
"cnaID": "CNA-2021-0030",
"organizationName": "Israel National Cyber Directorate (INCD)",
- "scope": "Vulnerability assignment related to its vulnerability coordination role",
+ "scope": "Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
@@ -4224,7 +4224,7 @@
"shortName": "jenkins",
"cnaID": "CNA-2018-0015",
"organizationName": "Jenkins Project",
- "scope": "Jenkins and Jenkins plugins distributed by the Jenkins Project (listed on plugins.jenkins.io) only",
+ "scope": "Jenkins and Jenkins plugins distributed by the Jenkins Project (listed on plugins.jenkins.io) only.",
"contact": [
{
"email": [
@@ -4280,7 +4280,7 @@
"shortName": "jci",
"cnaID": "CNA-2019-0001",
"organizationName": "Johnson Controls",
- "scope": "Johnson Controls products only",
+ "scope": "Johnson Controls products only.",
"contact": [
{
"email": [
@@ -4336,7 +4336,7 @@
"shortName": "Joomla",
"cnaID": "CNA-2020-0036",
"organizationName": "Joomla! Project",
- "scope": "Core Joomla! CMS, the Joomla Framework, and Joomla! Extensions issues only",
+ "scope": "Core Joomla! CMS, the Joomla Framework, and Joomla! Extensions issues only.",
"contact": [
{
"email": [
@@ -4393,7 +4393,7 @@
"shortName": "jpcert",
"cnaID": "CNA-2010-0001",
"organizationName": "JPCERT/CC",
- "scope": "Root Scope: Japan organizations CNA Scope: Vulnerability assignment related to its vulnerability coordination role",
+ "scope": "Root Scope: Japan organizations. CNA Scope: Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
@@ -4458,7 +4458,7 @@
"shortName": "juniper",
"cnaID": "CNA-2016-0001",
"organizationName": "Juniper Networks, Inc.",
- "scope": "Juniper issues only",
+ "scope": "Juniper issues only.",
"contact": [
{
"email": [
@@ -4520,7 +4520,7 @@
"shortName": "Kaspersky",
"cnaID": "CNA-2017-0027",
"organizationName": "Kaspersky",
- "scope": "Kaspersky B2C and B2B products, as well as vulnerabilities discovered in third-party software not in another CNA’s scope",
+ "scope": "Kaspersky B2C and B2B products, as well as vulnerabilities discovered in third-party software not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -4577,7 +4577,7 @@
"shortName": "krcert",
"cnaID": "CNA-2016-0021",
"organizationName": "KrCERT/CC",
- "scope": "Vulnerability assignment related to its vulnerability coordination role",
+ "scope": "Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
@@ -4633,7 +4633,7 @@
"shortName": "kubernetes",
"cnaID": "CNA-2017-0022",
"organizationName": "Kubernetes",
- "scope": "Kubernetes issues only",
+ "scope": "Kubernetes issues only.",
"contact": [
{
"email": [
@@ -4690,7 +4690,7 @@
"shortName": "larry_cashdollar",
"cnaID": "CNA-2016-0007",
"organizationName": "Larry Cashdollar",
- "scope": "Third-party products he researches that are not in another CNA’s scope",
+ "scope": "Third-party products he researches that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -4746,7 +4746,7 @@
"shortName": "lenovo",
"cnaID": "CNA-2016-0013",
"organizationName": "Lenovo Group Ltd.",
- "scope": "Lenovo general-purpose computers, software for general-purpose operating systems, mobile devices, enterprise storage, and networking products only",
+ "scope": "Lenovo general-purpose computers, software for general-purpose operating systems, mobile devices, enterprise storage, and networking products only.",
"contact": [
{
"email": [
@@ -4802,7 +4802,7 @@
"shortName": "LY-Corporation",
"cnaID": "CNA-2020-0038",
"organizationName": "LY Corporation",
- "scope": "Current versions of LINE Messenger Application for iOS, Android, Mac, and Windows, plus LINE Open Source projects hosted on https://github.com/line",
+ "scope": "Current versions of LINE Messenger Application for iOS, Android, Mac, and Windows, plus LINE Open Source projects hosted on https://github.com/line.",
"contact": [
{
"email": [
@@ -4858,7 +4858,7 @@
"shortName": "Logitech",
"cnaID": "CNA-2020-0032",
"organizationName": "Logitech",
- "scope": "All current products/software/apps made by Logitech, Ultimate Ears, Jaybird, Streamlabs, Logitech G, Logicool, Blue, and Astro Gaming",
+ "scope": "All current products/software/apps made by Logitech, Ultimate Ears, Jaybird, Streamlabs, Logitech G, Logicool, Blue, and Astro Gaming.",
"contact": [
{
"email": [
@@ -4914,7 +4914,7 @@
"shortName": "Mattermost",
"cnaID": "CNA-2020-0028",
"organizationName": "Mattermost, Inc.",
- "scope": "All Mattermost issues, and vulnerabilities discovered by Mattermost that are not in another CNA’s scope",
+ "scope": "All Mattermost issues, and vulnerabilities discovered by Mattermost that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -4971,7 +4971,7 @@
"shortName": "Mautic",
"cnaID": "CNA-2021-0005",
"organizationName": "Mautic",
- "scope": "Mautic core and officially supported plugins",
+ "scope": "Mautic core and officially supported plugins.",
"contact": [
{
"email": [],
@@ -5028,7 +5028,7 @@
"shortName": "Trellix",
"cnaID": "CNA-2016-0022",
"organizationName": "Trellix",
- "scope": "All Trellix Enterprise (formerly McAfee Enterprise and FireEye) products, as well as vulnerabilities in third-party software discovered by Trellix Advanced Research Center (Trellix ACR) that are not in another CNA’s scope",
+ "scope": "All Trellix Enterprise (formerly McAfee Enterprise and FireEye) products, as well as vulnerabilities in third-party software discovered by Trellix Advanced Research Center (Trellix ACR) that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -5090,7 +5090,7 @@
"shortName": "OpenText",
"cnaID": "CNA-2014-0002",
"organizationName": "OpenText (formerly Micro Focus)",
- "scope": "All OpenText products (including Carbonite, Zix, Micro Focus, others)",
+ "scope": "All OpenText products (including Carbonite, Zix, Micro Focus, others).",
"contact": [
{
"email": [
@@ -5146,7 +5146,7 @@
"shortName": "microsoft",
"cnaID": "CNA-2005-0005",
"organizationName": "Microsoft Corporation",
- "scope": "Microsoft issues only, excluding end-of-life (EOL) as listed in the Microsoft Lifecycle Policy",
+ "scope": "Microsoft issues only, excluding end-of-life (EOL) as listed in the Microsoft Lifecycle Policy.",
"contact": [
{
"email": [
@@ -5207,7 +5207,7 @@
"shortName": "mitre",
"cnaID": "CNA-1999-0001",
"organizationName": "MITRE Corporation",
- "scope": "All vulnerabilities, and Open Source software product vulnerabilities, not already covered by a CNA listed on this website",
+ "scope": "All vulnerabilities, and Open Source software product vulnerabilities, not already covered by a CNA listed on this website.",
"contact": [
{
"email": [],
@@ -5271,7 +5271,7 @@
"shortName": "Mitsubishi",
"cnaID": "CNA-2020-0039",
"organizationName": "Mitsubishi Electric Corporation",
- "scope": "Vulnerabilities related to products of Mitsubishi Electric Group",
+ "scope": "Vulnerabilities related to products of Mitsubishi Electric Group.",
"contact": [
{
"email": [
@@ -5327,7 +5327,7 @@
"shortName": "mongodb",
"cnaID": "CNA-2018-0013",
"organizationName": "MongoDB, Inc.",
- "scope": "MongoDB products only, not including end-of-life components or products",
+ "scope": "MongoDB products only, not including end-of-life components or products.",
"contact": [
{
"email": [
@@ -5384,7 +5384,7 @@
"shortName": "mozilla",
"cnaID": "CNA-2012-0002",
"organizationName": "Mozilla Corporation",
- "scope": "Mozilla issues only",
+ "scope": "Mozilla issues only.",
"contact": [
{
"email": [
@@ -5441,7 +5441,7 @@
"shortName": "naver",
"cnaID": "CNA-2018-0007",
"organizationName": "Naver Corporation",
- "scope": "Naver products only, except Line products",
+ "scope": "Naver products only, except Line products.",
"contact": [
{
"email": [
@@ -5497,7 +5497,7 @@
"shortName": "NEC",
"cnaID": "CNA-2021-0012",
"organizationName": "NEC Corporation",
- "scope": "NEC issues only",
+ "scope": "NEC issues only.",
"contact": [
{
"email": [
@@ -5553,7 +5553,7 @@
"shortName": "netapp",
"cnaID": "CNA-2017-0035",
"organizationName": "NetApp, Inc.",
- "scope": "All NetApp products as well as projects hosted on https://github.com/netapp",
+ "scope": "All NetApp products as well as projects hosted on https://github.com/netapp.",
"contact": [
{
"email": [
@@ -5614,7 +5614,7 @@
"shortName": "netflix",
"cnaID": "CNA-2017-0016",
"organizationName": "Netflix, Inc.",
- "scope": "Current versions of Netflix Mobile Streaming Application for iOS, Android, and Windows Mobile, plus all Netflix Open Source projects hosted on https://github.com/Netflix/ and https://github.com/spinnaker/",
+ "scope": "Current versions of Netflix Mobile Streaming Application for iOS, Android, and Windows Mobile, plus all Netflix Open Source projects hosted on https://github.com/Netflix/ and https://github.com/spinnaker/.",
"contact": [
{
"email": [
@@ -5671,7 +5671,7 @@
"shortName": "Absolute",
"cnaID": "CNA-2021-0033",
"organizationName": "Absolute Software",
- "scope": "Absolute issues only",
+ "scope": "Absolute issues only.",
"contact": [
{
"email": [
@@ -5727,7 +5727,7 @@
"shortName": "NLnet_Labs",
"cnaID": "CNA-2020-0033",
"organizationName": "NLnet Labs",
- "scope": "All NLnet Labs projects",
+ "scope": "All NLnet Labs projects.",
"contact": [
{
"email": [
@@ -5792,7 +5792,7 @@
"shortName": "nodejs",
"cnaID": "CNA-2017-0036",
"organizationName": "Node.js",
- "scope": "All actively developed versions of software developed under the Node.js project on https://github.com/nodejs/",
+ "scope": "All actively developed versions of software developed under the Node.js project on https://github.com/nodejs/.",
"contact": [
{
"email": [
@@ -5849,7 +5849,7 @@
"shortName": "NLOK",
"cnaID": "CNA-2020-0016",
"organizationName": "NortonLifeLock Inc.",
- "scope": "All NortonLifeLock product issues only",
+ "scope": "All NortonLifeLock product issues only.",
"contact": [
{
"email": [
@@ -5905,7 +5905,7 @@
"shortName": "Nozomi",
"cnaID": "CNA-2020-0029",
"organizationName": "Nozomi Networks Inc.",
- "scope": "All Nozomi Networks products, as well as vulnerabilities in third-party software discovered by Nozomi Networks that are not in another CNA’s scope",
+ "scope": "All Nozomi Networks products, as well as vulnerabilities in third-party software discovered by Nozomi Networks that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -5962,7 +5962,7 @@
"shortName": "nvidia",
"cnaID": "CNA-2016-0015",
"organizationName": "NVIDIA Corporation",
- "scope": "NVIDIA issues only",
+ "scope": "NVIDIA issues only.",
"contact": [
{
"email": [
@@ -6023,7 +6023,7 @@
"shortName": "obdev",
"cnaID": "CNA-2016-0016",
"organizationName": "Objective Development Software GmbH",
- "scope": "Objective Development issues only",
+ "scope": "Objective Development issues only.",
"contact": [
{
"email": [],
@@ -6079,7 +6079,7 @@
"shortName": "Octopus",
"cnaID": "CNA-2021-0017",
"organizationName": "Octopus Deploy",
- "scope": "All Octopus Deploy products, as well as Octopus Deploy maintained projects hosted on https://github.com/OctopusDeploy",
+ "scope": "All Octopus Deploy products, as well as Octopus Deploy maintained projects hosted on https://github.com/OctopusDeploy.",
"contact": [
{
"email": [
@@ -6136,7 +6136,7 @@
"shortName": "odoo",
"cnaID": "CNA-2018-0009",
"organizationName": "Odoo",
- "scope": "Odoo issues only",
+ "scope": "Odoo issues only.",
"contact": [
{
"email": [
@@ -6192,7 +6192,7 @@
"shortName": "openEuler",
"cnaID": "CNA-2020-0020",
"organizationName": "openEuler",
- "scope": "openEuler issues only",
+ "scope": "openEuler issues only.",
"contact": [
{
"email": [
@@ -6249,7 +6249,7 @@
"shortName": "openssl",
"cnaID": "CNA-2016-0019",
"organizationName": "OpenSSL Software Foundation",
- "scope": "OpenSSL software projects only",
+ "scope": "OpenSSL software projects only.",
"contact": [
{
"email": [
@@ -6311,7 +6311,7 @@
"shortName": "OpenVPN",
"cnaID": "CNA-2020-0017",
"organizationName": "OpenVPN Inc.",
- "scope": "All products and projects in which OpenVPN is directly involved commercially and for OpenVPN community projects, including Private Tunnel",
+ "scope": "All products and projects in which OpenVPN is directly involved commercially and for OpenVPN community projects, including Private Tunnel.",
"contact": [
{
"email": [
@@ -6372,7 +6372,7 @@
"shortName": "Opera",
"cnaID": "CNA-2019-0017",
"organizationName": "Opera",
- "scope": "Opera issues only",
+ "scope": "Opera issues only.",
"contact": [
{
"email": [],
@@ -6429,7 +6429,7 @@
"shortName": "OPPO",
"cnaID": "CNA-2019-0006",
"organizationName": "OPPO Mobile Telecommunication Corp., Ltd.",
- "scope": "OPPO devices only",
+ "scope": "OPPO devices only.",
"contact": [
{
"email": [
@@ -6485,7 +6485,7 @@
"shortName": "oracle",
"cnaID": "CNA-2008-0001",
"organizationName": "Oracle",
- "scope": "Oracle supported version product issues only; CVE IDs will not be assigned for unsupported products or versions (Oracle will confirm support status and notify researcher)",
+ "scope": "Oracle supported version product issues only; CVE IDs will not be assigned for unsupported products or versions (Oracle will confirm support status and notify researcher).",
"contact": [
{
"email": [
@@ -6548,7 +6548,7 @@
"shortName": "OTRS",
"cnaID": "CNA-2019-0015",
"organizationName": "OTRS AG",
- "scope": "Vulnerabilities for OTRS and ((OTRS)) Community Edition and modules only",
+ "scope": "Vulnerabilities for OTRS and ((OTRS)) Community Edition and modules only.",
"contact": [
{
"email": [
@@ -6604,7 +6604,7 @@
"shortName": "palo_alto",
"cnaID": "CNA-2018-0005",
"organizationName": "Palo Alto Networks, Inc.",
- "scope": "All Palo Alto Networks products, and vulnerabilities discovered by Palo Alto Networks that are not in another CNA’s scope",
+ "scope": "All Palo Alto Networks products, and vulnerabilities discovered by Palo Alto Networks that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -6661,7 +6661,7 @@
"shortName": "Patchstack",
"cnaID": "CNA-2021-0025",
"organizationName": "Patchstack",
- "scope": "Vulnerabilities in third-party products discovered by Patchstack and Patchstack Bug Bounty program unless covered by the scope of another CNA",
+ "scope": "Vulnerabilities in third-party products discovered by Patchstack and Patchstack Bug Bounty program unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -6725,7 +6725,7 @@
"shortName": "Pega",
"cnaID": "CNA-2020-0012",
"organizationName": "Pegasystems Inc.",
- "scope": "Pegasystems products only",
+ "scope": "Pegasystems products only.",
"contact": [
{
"email": [
@@ -6781,7 +6781,7 @@
"shortName": "php",
"cnaID": "CNA-2018-0014",
"organizationName": "PHP Group",
- "scope": "Vulnerabilities in PHP code (code in https://github.com/php/php-src) only",
+ "scope": "Vulnerabilities in PHP code (code in https://github.com/php/php-src) only.",
"contact": [
{
"email": [
@@ -6838,7 +6838,7 @@
"shortName": "Perforce",
"cnaID": "CNA-2016-0023",
"organizationName": "Perforce",
- "scope": "All Perforce products",
+ "scope": "All Perforce products.",
"contact": [
{
"email": [
@@ -6895,7 +6895,7 @@
"shortName": "qnap",
"cnaID": "CNA-2017-0030",
"organizationName": "QNAP Systems, Inc.",
- "scope": "QNAP issues only",
+ "scope": "QNAP issues only.",
"contact": [
{
"email": [
@@ -6951,7 +6951,7 @@
"shortName": "qualcomm",
"cnaID": "CNA-2017-0007",
"organizationName": "Qualcomm, Inc.",
- "scope": "Qualcomm and Snapdragon issues only",
+ "scope": "Qualcomm and Snapdragon issues only.",
"contact": [
{
"email": [
@@ -7007,7 +7007,7 @@
"shortName": "rapid7",
"cnaID": "CNA-2016-0024",
"organizationName": "Rapid7, Inc.",
- "scope": "All Rapid7 products, and vulnerabilities discovered by Rapid7 that are not in another CNA’s scope",
+ "scope": "All Rapid7 products, and vulnerabilities discovered by Rapid7 that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -7065,7 +7065,7 @@
"shortName": "redhat",
"cnaID": "CNA-2005-0006",
"organizationName": "Red Hat, Inc.",
- "scope": "Root Scope: The Red Hat Root’s scope includes the open source community. Any open source organizations that prefer Red Hat as their Root; organizations are free to choose another Root if it suits them better CNA Scope: Vulnerabilities in open source projects affecting Red Hat software that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported Red Hat software",
+ "scope": "Root Scope: The Red Hat Root’s scope includes the open source community. Any open source organizations that prefer Red Hat as their Root; organizations are free to choose another Root if it suits them better. CNA Scope: Vulnerabilities in open source projects affecting Red Hat software that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported Red Hat software.",
"contact": [
{
"email": [
@@ -7135,7 +7135,7 @@
"shortName": "Replicated",
"cnaID": "CNA-2020-0023",
"organizationName": "Replicated, Inc.",
- "scope": "Replicated products and services only",
+ "scope": "Replicated products and services only.",
"contact": [
{
"email": [
@@ -7191,7 +7191,7 @@
"shortName": "bosch",
"cnaID": "CNA-2019-0004",
"organizationName": "Robert Bosch GmbH",
- "scope": "Bosch products only",
+ "scope": "Bosch products only.",
"contact": [
{
"email": [
@@ -7247,7 +7247,7 @@
"shortName": "Salesforce",
"cnaID": "CNA-2019-0007",
"organizationName": "Salesforce, Inc.",
- "scope": "Salesforce products only",
+ "scope": "Salesforce products only.",
"contact": [
{
"email": [
@@ -7303,7 +7303,7 @@
"shortName": "Samsung_Mobile",
"cnaID": "CNA-2021-0001",
"organizationName": "Samsung Mobile",
- "scope": "Samsung Mobile Galaxy products, personal computers, and related services only",
+ "scope": "Samsung Mobile Galaxy products, personal computers, and related services only.",
"contact": [
{
"email": [
@@ -7359,7 +7359,7 @@
"shortName": "sap",
"cnaID": "CNA-2017-0038",
"organizationName": "SAP SE",
- "scope": "All SAP products",
+ "scope": "All SAP products.",
"contact": [
{
"email": [
@@ -7415,7 +7415,7 @@
"shortName": "Secomea",
"cnaID": "CNA-2020-0037",
"organizationName": "Secomea A/S",
- "scope": "Supported Secomea products only",
+ "scope": "Supported Secomea products only.",
"contact": [
{
"email": [
@@ -7471,7 +7471,7 @@
"shortName": "schneider",
"cnaID": "CNA-2017-0009",
"organizationName": "Schneider Electric",
- "scope": "All Schneider Electric products, including Proface, APC, and Eurotherm",
+ "scope": "All Schneider Electric products, including Proface, APC, and Eurotherm.",
"contact": [
{
"email": [
@@ -7532,7 +7532,7 @@
"shortName": "SICK_AG",
"cnaID": "CNA-2019-0016",
"organizationName": "SICK AG",
- "scope": "SICK AG issues only",
+ "scope": "SICK AG issues only.",
"contact": [
{
"email": [
@@ -7588,7 +7588,7 @@
"shortName": "siemens",
"cnaID": "CNA-2017-0006",
"organizationName": "Siemens",
- "scope": "Siemens issues only",
+ "scope": "Siemens issues only.",
"contact": [
{
"email": [
@@ -7649,7 +7649,7 @@
"shortName": "SWI",
"cnaID": "CNA-2020-0015",
"organizationName": "Sierra Wireless Inc.",
- "scope": "Sierra Wireless products only",
+ "scope": "Sierra Wireless products only.",
"contact": [
{
"email": [
@@ -7705,7 +7705,7 @@
"shortName": "Silver_Peak",
"cnaID": "CNA-2020-0011",
"organizationName": "Silver Peak Systems, Inc.",
- "scope": "Silver Peak product issues only",
+ "scope": "Silver Peak product issues only.",
"contact": [
{
"email": [
@@ -7761,7 +7761,7 @@
"shortName": "Simplinx",
"cnaID": "CNA-2021-0007",
"organizationName": "Simplinx Ltd.",
- "scope": "Simplinx products only",
+ "scope": "Simplinx products only.",
"contact": [
{
"email": [
@@ -7817,7 +7817,7 @@
"shortName": "snyk",
"cnaID": "CNA-2017-0029",
"organizationName": "Snyk",
- "scope": "Vulnerabilities in Snyk products and vulnerabilities discovered by, or reported to, Snyk that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in Snyk products and vulnerabilities discovered by, or reported to, Snyk that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -7874,7 +7874,7 @@
"shortName": "SolarWinds",
"cnaID": "CNA-2021-0027",
"organizationName": "SolarWinds",
- "scope": "SolarWinds products only",
+ "scope": "SolarWinds products only.",
"contact": [
{
"email": [
@@ -7930,7 +7930,7 @@
"shortName": "sonicwall",
"cnaID": "CNA-2018-0004",
"organizationName": "SonicWall, Inc.",
- "scope": "SonicWall issues only",
+ "scope": "SonicWall issues only.",
"contact": [
{
"email": [
@@ -7986,7 +7986,7 @@
"shortName": "Sophos",
"cnaID": "CNA-2021-0003",
"organizationName": "Sophos Limited",
- "scope": "Sophos issues only",
+ "scope": "Sophos issues only.",
"contact": [
{
"email": [
@@ -8042,7 +8042,7 @@
"shortName": "INCIBE",
"cnaID": "CNA-2020-0002",
"organizationName": "Spanish National Cybersecurity Institute, S.A. (INCIBE)",
- "scope": "Root Scope: Spain organizations CNA Scope: Vulnerability assignment related to its vulnerability coordination role for Industrial Control Systems (ICS), Information Technologies (IT), and Internet of Things (IoT) systems issues at the national level, and vulnerabilities reported to INCIBE by Spain organizations and researchers that are not in another CNA’s scope",
+ "scope": "Root Scope: Spain organizations. CNA Scope: Vulnerability assignment related to its vulnerability coordination role for Industrial Control Systems (ICS), Information Technologies (IT), and Internet of Things (IoT) systems issues at the national level, and vulnerabilities reported to INCIBE by Spain organizations and researchers that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -8111,7 +8111,7 @@
"shortName": "Splunk",
"cnaID": "CNA-2019-0012",
"organizationName": "Splunk Inc.",
- "scope": "Splunk products only",
+ "scope": "Splunk products only.",
"contact": [
{
"email": [
@@ -8167,7 +8167,7 @@
"shortName": "suse",
"cnaID": "CNA-2014-0003",
"organizationName": "SUSE",
- "scope": "SUSE and Rancher issues only",
+ "scope": "SUSE and Rancher issues only.",
"contact": [
{
"email": [
@@ -8224,7 +8224,7 @@
"shortName": "Swift",
"cnaID": "CNA-2021-0004",
"organizationName": "Swift Project",
- "scope": "The Swift Project only",
+ "scope": "The Swift Project only.",
"contact": [
{
"email": [
@@ -8281,7 +8281,7 @@
"shortName": "symantec",
"cnaID": "CNA-2012-0003",
"organizationName": "Symantec - A Division of Broadcom",
- "scope": "Symantec Enterprise products as well as vulnerabilities in third-party software discovered by Symantec that are not in another CNA’s scope",
+ "scope": "Symantec Enterprise products as well as vulnerabilities in third-party software discovered by Symantec that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -8338,7 +8338,7 @@
"shortName": "Synaptics",
"cnaID": "CNA-2020-0021",
"organizationName": "Synaptics, Inc.",
- "scope": "Synaptics issues only",
+ "scope": "Synaptics issues only.",
"contact": [
{
"email": [
@@ -8402,7 +8402,7 @@
"shortName": "synology",
"cnaID": "CNA-2017-0012",
"organizationName": "Synology Inc.",
- "scope": "Synology issues only",
+ "scope": "Synology issues only.",
"contact": [
{
"email": [
@@ -8463,7 +8463,7 @@
"shortName": "BlackDuck",
"cnaID": "CNA-2021-0013",
"organizationName": "Black Duck Software, Inc.",
- "scope": "All Black Duck (formerly Synopsys Software Integrity Group) products, as well as vulnerabilities in third-party software discovered by Black Duck that are not in another CNA’s scope",
+ "scope": "All Black Duck (formerly Synopsys Software Integrity Group) products, as well as vulnerabilities in third-party software discovered by Black Duck that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -8520,7 +8520,7 @@
"shortName": "talos",
"cnaID": "CNA-2016-0017",
"organizationName": "Talos",
- "scope": "Third-party products it researches",
+ "scope": "Third-party products it researches.",
"contact": [
{
"email": [
@@ -8576,7 +8576,7 @@
"shortName": "Tcpdump",
"cnaID": "CNA-2020-0003",
"organizationName": "Tcpdump Group",
- "scope": "Tcpdump and Libpcap only",
+ "scope": "Tcpdump and Libpcap only.",
"contact": [
{
"email": [
@@ -8633,7 +8633,7 @@
"shortName": "tenable",
"cnaID": "CNA-2017-0023",
"organizationName": "Tenable Network Security, Inc.",
- "scope": "Tenable products and third-party products it researches not covered by another CNA",
+ "scope": "Tenable products and third-party products it researches not covered by another CNA.",
"contact": [
{
"email": [
@@ -8694,7 +8694,7 @@
"shortName": "TianoCore",
"cnaID": "CNA-2020-0031",
"organizationName": "TianoCore.org",
- "scope": "Software vulnerabilities related to the TianoCore Open Source",
+ "scope": "Software vulnerabilities related to the TianoCore Open Source.",
"contact": [
{
"email": [
@@ -8751,7 +8751,7 @@
"shortName": "tibco",
"cnaID": "CNA-2017-0001",
"organizationName": "TIBCO Software Inc.",
- "scope": "TIBCO, Talarian, Spotfire, Data Synapse, Foresight, Kabira, Proginet, LogLogic, StreamBase, JasperSoft, and Mashery products/brands only",
+ "scope": "TIBCO, Talarian, Spotfire, Data Synapse, Foresight, Kabira, Proginet, LogLogic, StreamBase, JasperSoft, and Mashery products/brands only.",
"contact": [
{
"email": [
@@ -8807,7 +8807,7 @@
"shortName": "Tigera",
"cnaID": "CNA-2019-0011",
"organizationName": "Tigera, Inc.",
- "scope": "All vulnerabilities for Calico and all of Tigera’s products only",
+ "scope": "All vulnerabilities for Calico and all of Tigera’s products only.",
"contact": [
{
"email": [
@@ -8864,7 +8864,7 @@
"shortName": "Toshiba",
"cnaID": "CNA-2021-0024",
"organizationName": "Toshiba Corporation",
- "scope": "Vulnerabilities related to products and services of Toshiba Group",
+ "scope": "Vulnerabilities related to products and services of Toshiba Group.",
"contact": [
{
"email": [
@@ -8920,7 +8920,7 @@
"shortName": "TR-CERT",
"cnaID": "CNA-2021-0034",
"organizationName": "TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)",
- "scope": "Vulnerability assignment related to its vulnerability coordination role",
+ "scope": "Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
@@ -8993,7 +8993,7 @@
"shortName": "trendmicro",
"cnaID": "CNA-2017-0017",
"organizationName": "Trend Micro, Inc.",
- "scope": "Trend Micro supported products, including any end-of-life products",
+ "scope": "Trend Micro supported products, including any end-of-life products.",
"contact": [
{
"email": [
@@ -9054,7 +9054,7 @@
"shortName": "twcert",
"cnaID": "CNA-2018-0012",
"organizationName": "TWCERT/CC",
- "scope": "Vulnerability assignment related to its vulnerability coordination role",
+ "scope": "Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
@@ -9119,7 +9119,7 @@
"shortName": "Vaadin",
"cnaID": "CNA-2021-0015",
"organizationName": "Vaadin Ltd.",
- "scope": "All Vaadin products and supported open source projects hosted at https://github.com/vaadin",
+ "scope": "All Vaadin products and supported open source projects hosted at https://github.com/vaadin.",
"contact": [
{
"email": [
@@ -9176,7 +9176,7 @@
"shortName": "Vivo",
"cnaID": "CNA-2020-0008",
"organizationName": "Vivo Mobile Communication Co., Ltd.",
- "scope": "Vivo issues only",
+ "scope": "Vivo issues only.",
"contact": [
{
"email": [
@@ -9232,7 +9232,7 @@
"shortName": "vmware",
"cnaID": "CNA-2016-0025",
"organizationName": "VMware by Broadcom",
- "scope": "VMware, Spring, and Cloud Foundry issues only",
+ "scope": "VMware, Spring, and Cloud Foundry issues only.",
"contact": [
{
"email": [
@@ -9289,7 +9289,7 @@
"shortName": "Mend",
"cnaID": "CNA-2020-0035",
"organizationName": "Mend",
- "scope": "Vulnerabilities in Mend (formerly WhiteSource) products and vulnerabilities in third-party software discovered by Mend that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in Mend (formerly WhiteSource) products and vulnerabilities in third-party software discovered by Mend that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -9346,7 +9346,7 @@
"shortName": "Wordfence",
"cnaID": "CNA-2021-0022",
"organizationName": "Wordfence",
- "scope": "WordPress Plugins, Themes, and Core Vulnerabilities discovered by, or reported to, the Wordfence/Defiant team",
+ "scope": "WordPress Plugins, Themes, and Core Vulnerabilities discovered by, or reported to, the Wordfence/Defiant team.",
"contact": [
{
"email": [
@@ -9403,7 +9403,7 @@
"shortName": "WPScan",
"cnaID": "CNA-2021-0002",
"organizationName": "WPScan",
- "scope": "WordPress core, plugins, and themes",
+ "scope": "WordPress core, plugins, and themes.",
"contact": [
{
"email": [
@@ -9468,7 +9468,7 @@
"shortName": "XEN",
"cnaID": "CNA-2021-0009",
"organizationName": "Xen Project",
- "scope": "All sub-projects under Xen Project’s umbrella (see Xen Project Teams), except those sub-projects that have their own security response process; and the Xen components inside other projects, where Xen Project is the primary developer",
+ "scope": "All sub-projects under Xen Project’s umbrella (see Xen Project Teams), except those sub-projects that have their own security response process; and the Xen components inside other projects, where Xen Project is the primary developer.",
"contact": [
{
"email": [
@@ -9525,7 +9525,7 @@
"shortName": "Xiaomi",
"cnaID": "CNA-2020-0019",
"organizationName": "Xiaomi Technology Co., Ltd.",
- "scope": "Xiaomi issues only",
+ "scope": "Xiaomi issues only.",
"contact": [
{
"email": [
@@ -9581,7 +9581,7 @@
"shortName": "Xylem",
"cnaID": "CNA-2021-0006",
"organizationName": "Xylem",
- "scope": "Xylem products and technologies only",
+ "scope": "Xylem products and technologies only.",
"contact": [
{
"email": [
@@ -9637,7 +9637,7 @@
"shortName": "yandex",
"cnaID": "CNA-2016-0018",
"organizationName": "Yandex N.V.",
- "scope": "Yandex issues only",
+ "scope": "Yandex issues only.",
"contact": [
{
"email": [
@@ -9693,7 +9693,7 @@
"shortName": "Zabbix",
"cnaID": "CNA-2020-0022",
"organizationName": "Zabbix",
- "scope": "Zabbix products and Zabbix projects listed on https://git.zabbix.com/ only",
+ "scope": "Zabbix products and Zabbix projects listed on https://git.zabbix.com/ only.",
"contact": [
{
"email": [
@@ -9749,7 +9749,7 @@
"shortName": "zephyr",
"cnaID": "CNA-2017-0032",
"organizationName": "Zephyr Project",
- "scope": "Zephyr project components, and vulnerabilities that are not in another CNA’s scope",
+ "scope": "Zephyr project components, and vulnerabilities that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -9806,7 +9806,7 @@
"shortName": "zdi",
"cnaID": "CNA-2017-0018",
"organizationName": "Zero Day Initiative",
- "scope": "Products and projects covered by its bug bounty programs that are not in another CNA’s scope",
+ "scope": "Products and projects covered by its bug bounty programs that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -9867,7 +9867,7 @@
"shortName": "Zoom",
"cnaID": "CNA-2021-0016",
"organizationName": "Zoom Video Communications, Inc.",
- "scope": "Zoom and Keybase issues only",
+ "scope": "Zoom and Keybase issues only.",
"contact": [
{
"email": [
@@ -9923,7 +9923,7 @@
"shortName": "Zscaler",
"cnaID": "CNA-2020-0009",
"organizationName": "Zscaler, Inc.",
- "scope": "Zscaler issues only",
+ "scope": "Zscaler issues only.",
"contact": [
{
"email": [
@@ -9979,7 +9979,7 @@
"shortName": "ZTE",
"cnaID": "CNA-2017-0019",
"organizationName": "ZTE Corporation",
- "scope": "ZTE products only",
+ "scope": "ZTE products only.",
"contact": [
{
"email": [],
@@ -10035,7 +10035,7 @@
"shortName": "Zyxel",
"cnaID": "CNA-2021-0023",
"organizationName": "Zyxel Corporation",
- "scope": "Zyxel products issues only",
+ "scope": "Zyxel products issues only.",
"contact": [
{
"email": [
@@ -10091,7 +10091,7 @@
"shortName": "Snow",
"cnaID": "CNA-2021-0036",
"organizationName": "Snow Software",
- "scope": "All Snow Software products",
+ "scope": "All Snow Software products.",
"contact": [
{
"email": [
@@ -10147,7 +10147,7 @@
"shortName": "LGE",
"cnaID": "CNA-2021-0037",
"organizationName": "LG Electronics",
- "scope": "LG Electronics products only",
+ "scope": "LG Electronics products only.",
"contact": [
{
"email": [
@@ -10203,7 +10203,7 @@
"shortName": "Censys",
"cnaID": "CNA-2021-0035",
"organizationName": "Censys",
- "scope": "All Censys products, and vulnerabilities discovered by Censys that are not in another CNA’s scope",
+ "scope": "All Censys products, and vulnerabilities discovered by Censys that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -10260,7 +10260,7 @@
"shortName": "PingIdentity",
"cnaID": "CNA-2021-0042",
"organizationName": "Ping Identity Corporation",
- "scope": "All Ping Identity products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Ping Identity that are not in another CNA’s scope",
+ "scope": "All Ping Identity products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Ping Identity that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -10318,7 +10318,7 @@
"shortName": "Palantir",
"cnaID": "CNA-2021-0041",
"organizationName": "Palantir Technologies",
- "scope": "Palantir products and technologies only",
+ "scope": "Palantir products and technologies only.",
"contact": [
{
"email": [
@@ -10374,7 +10374,7 @@
"shortName": "M-Files",
"cnaID": "CNA-2021-0038",
"organizationName": "M-Files Corporation",
- "scope": "M-Files and Hubshare products",
+ "scope": "M-Files and Hubshare products.",
"contact": [
{
"email": [
@@ -10430,7 +10430,7 @@
"shortName": "JFrog",
"cnaID": "CNA-2021-0039",
"organizationName": "JFrog",
- "scope": "All JFrog products (supported products and end-of-life/end-of-service products); vulnerabilities in third-party software discovered by JFrog that are not in another CNA’s scope; and vulnerabilities in third-party software discovered by external researchers and disclosed to JFrog (includes any embedded devices and their associated mobile applications) that are not in another CNA’s scope",
+ "scope": "All JFrog products (supported products and end-of-life/end-of-service products); vulnerabilities in third-party software discovered by JFrog that are not in another CNA’s scope; and vulnerabilities in third-party software discovered by external researchers and disclosed to JFrog (includes any embedded devices and their associated mobile applications) that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -10487,7 +10487,7 @@
"shortName": "NCSC.ch",
"cnaID": "CNA-2021-0040",
"organizationName": "Switzerland National Cyber Security Centre (NCSC)",
- "scope": "Switzerland Government Common Vulnerability Program",
+ "scope": "Switzerland Government Common Vulnerability Program.",
"contact": [
{
"email": [
@@ -10543,7 +10543,7 @@
"shortName": "MediaTek",
"cnaID": "CNA-2021-0043",
"organizationName": "MediaTek, Inc.",
- "scope": "MediaTek product issues only",
+ "scope": "MediaTek product issues only.",
"contact": [
{
"email": [
@@ -10599,7 +10599,7 @@
"shortName": "THA-PSIRT",
"cnaID": "CNA-2021-0045",
"organizationName": "Thales Group",
- "scope": "Root Scope: Products and technologies of subsidiaries of Thales Group CNA Scope: Thales branded products and technologies, products and technologies of subsidiaries of Thales Group, unless covered by the scope of another CNA as well as vulnerabilities in third-party software discovered by Thales Group and subsidiaries that are not in another CNA’s scope",
+ "scope": "Root Scope: Products and technologies of subsidiaries of Thales Group. CNA Scope: Thales branded products and technologies, products and technologies of subsidiaries of Thales Group, unless covered by the scope of another CNA as well as vulnerabilities in third-party software discovered by Thales Group and subsidiaries that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -10669,7 +10669,7 @@
"shortName": "GovTech_CSG",
"cnaID": "CNA-2021-0044",
"organizationName": "Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)",
- "scope": "Vulnerabilities discovered by GovTech CSG only that are not in another CNA’s scope",
+ "scope": "Vulnerabilities discovered by GovTech CSG only that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -10725,7 +10725,7 @@
"shortName": "Yugabyte",
"cnaID": "CNA-2021-0047",
"organizationName": "Yugabyte, Inc.",
- "scope": "Yugabyte products only",
+ "scope": "Yugabyte products only.",
"contact": [
{
"email": [
@@ -10782,7 +10782,7 @@
"shortName": "ForgeRock",
"cnaID": "CNA-2021-0046",
"organizationName": "ForgeRock, Inc.",
- "scope": "ForgeRock issues only",
+ "scope": "ForgeRock issues only.",
"contact": [
{
"email": [
@@ -10839,7 +10839,7 @@
"shortName": "ASUSTOR",
"cnaID": "CNA-2021-0048",
"organizationName": "ASUSTOR, Inc.",
- "scope": "ASUSTOR issues only",
+ "scope": "ASUSTOR issues only.",
"contact": [
{
"email": [
@@ -10895,7 +10895,7 @@
"shortName": "Okta",
"cnaID": "CNA-2021-0049",
"organizationName": "Okta",
- "scope": "Okta issues only",
+ "scope": "Okta issues only.",
"contact": [
{
"email": [
@@ -10951,7 +10951,7 @@
"shortName": "CERT-In",
"cnaID": "CNA-2021-0050",
"organizationName": "Indian Computer Emergency Response Team (CERT-In)",
- "scope": "Vulnerability coordination for vulnerabilities in all products reported to CERT-In in accordance with our vulnerability coordination role as a CERT. Vulnerability assignments for vulnerabilities impacting all products designed, developed, and manufactured in India",
+ "scope": "Vulnerability coordination for vulnerabilities in all products reported to CERT-In in accordance with our vulnerability coordination role as a CERT. Vulnerability assignments for vulnerabilities impacting all products designed, developed, and manufactured in India.",
"contact": [
{
"email": [
@@ -11007,7 +11007,7 @@
"shortName": "WDC_PSIRT",
"cnaID": "CNA-2021-0051",
"organizationName": "Western Digital",
- "scope": "Western Digital products including WD, SanDisk, SanDisk Professional, G-Technology, and HGST only",
+ "scope": "Western Digital products including WD, SanDisk, SanDisk Professional, G-Technology, and HGST only.",
"contact": [
{
"email": [
@@ -11063,7 +11063,7 @@
"shortName": "AppCheck",
"cnaID": "CNA-2021-0052",
"organizationName": "AppCheck Ltd.",
- "scope": "Vulnerabilities discovered by AppCheck that are not within another CNA’s scope",
+ "scope": "Vulnerabilities discovered by AppCheck that are not within another CNA’s scope.",
"contact": [
{
"email": [
@@ -11119,7 +11119,7 @@
"shortName": "Acronis",
"cnaID": "CNA-2021-0053",
"organizationName": "Acronis International GmbH",
- "scope": "All Acronis products, including Acronis Cyber Protect, Acronis Cyber Protect Home Office, Acronis DeviceLock DLP, and Acronis Snap Deploy",
+ "scope": "All Acronis products, including Acronis Cyber Protect, Acronis Cyber Protect Home Office, Acronis DeviceLock DLP, and Acronis Snap Deploy.",
"contact": [
{
"email": [
@@ -11175,7 +11175,7 @@
"shortName": "Carrier",
"cnaID": "CNA-2021-0054",
"organizationName": "Carrier Global Corporation",
- "scope": "Carrier Global products only",
+ "scope": "Carrier Global products only.",
"contact": [
{
"email": [
@@ -11232,7 +11232,7 @@
"shortName": "PandoraFMS",
"cnaID": "CNA-2021-0055",
"organizationName": "Pandora FMS",
- "scope": "Pandora FMS, Pandora ITSM, and Pandora RC issues only",
+ "scope": "Pandora FMS, Pandora ITSM, and Pandora RC issues only.",
"contact": [
{
"email": [
@@ -11288,7 +11288,7 @@
"shortName": "Silabs",
"cnaID": "CNA-2021-0056",
"organizationName": "Silicon Labs",
- "scope": "Silicon Labs issues only",
+ "scope": "Silicon Labs issues only.",
"contact": [
{
"email": [
@@ -11344,7 +11344,7 @@
"shortName": "Panasonic_Holdings_Corporation",
"cnaID": "CNA-2021-0057",
"organizationName": "Panasonic Holdings Corporation",
- "scope": "All products and services developed and/or sold by Panasonic Group companies",
+ "scope": "All products and services developed and/or sold by Panasonic Group companies.",
"contact": [
{
"email": [
@@ -11400,7 +11400,7 @@
"shortName": "ZGR",
"cnaID": "CNA-2021-0058",
"organizationName": "ZGR",
- "scope": "ZGR manufactured products",
+ "scope": "ZGR manufactured products.",
"contact": [
{
"email": [
@@ -11456,7 +11456,7 @@
"shortName": "Profelis",
"cnaID": "CNA-2021-0059",
"organizationName": "Profelis IT Consultancy",
- "scope": "Products and services developed by Profelis IT Consultancy including enterprise directory solution SambaBox and password reset product PassBox",
+ "scope": "Products and services developed by Profelis IT Consultancy including enterprise directory solution SambaBox and password reset product PassBox.",
"contact": [
{
"email": [
@@ -11513,7 +11513,7 @@
"shortName": "TeamViewer",
"cnaID": "CNA-2021-0060",
"organizationName": "TeamViewer Germany GmbH",
- "scope": "TeamViewer issues only",
+ "scope": "TeamViewer issues only.",
"contact": [
{
"email": [
@@ -11569,7 +11569,7 @@
"shortName": "Vulnscope",
"cnaID": "CNA-2001-0061",
"organizationName": "Vulnscope Technologies",
- "scope": "Provides CVE IDs for customers as part of our bug bounty and vulnerability coordination platform",
+ "scope": "Provides CVE IDs for customers as part of our bug bounty and vulnerability coordination platform.",
"contact": [
{
"email": [
@@ -11626,7 +11626,7 @@
"shortName": "Mirantis",
"cnaID": "CNA-2001-0062",
"organizationName": "Mirantis",
- "scope": "All Mirantis products (supported products and end-of-life/end-of-service products) and open source offerings, as well as vulnerabilities in third-party software discovered by Mirantis that are not in another CNA’s scope",
+ "scope": "All Mirantis products (supported products and end-of-life/end-of-service products) and open source offerings, as well as vulnerabilities in third-party software discovered by Mirantis that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -11684,7 +11684,7 @@
"shortName": "VulDB",
"cnaID": "CNA-2001-0063",
"organizationName": "VulDB",
- "scope": "Vulnerabilities in VulDB products and vulnerabilities discovered by, or reported to, the VulDB vulnerability database that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in VulDB products and vulnerabilities discovered by, or reported to, the VulDB vulnerability database that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -11740,7 +11740,7 @@
"shortName": "FRAPPE",
"cnaID": "CNA-2001-0064",
"organizationName": "Frappe Technologies Pvt. Ltd.",
- "scope": "Vulnerabilities relating to Frappe Framework, ERPNext product, erpnext.com, and frappecloud.com hosting services, as well as other vulnerabilities discovered by Frappe Technologies that are not under the scope of any other CNA",
+ "scope": "Vulnerabilities relating to Frappe Framework, ERPNext product, erpnext.com, and frappecloud.com hosting services, as well as other vulnerabilities discovered by Frappe Technologies that are not under the scope of any other CNA.",
"contact": [
{
"email": [
@@ -11796,7 +11796,7 @@
"shortName": "RHINO",
"cnaID": "CNA-2001-0065",
"organizationName": "Rhino Mobility",
- "scope": "Rhino Mobility issues only",
+ "scope": "Rhino Mobility issues only.",
"contact": [
{
"email": [
@@ -11852,7 +11852,7 @@
"shortName": "OpenBMC",
"cnaID": "CNA-2021-0066",
"organizationName": "The OpenBMC Project",
- "scope": "Vulnerabilities related to the repositories maintained by the OpenBMC project",
+ "scope": "Vulnerabilities related to the repositories maintained by the OpenBMC project.",
"contact": [
{
"email": [
@@ -11913,7 +11913,7 @@
"shortName": "DIVD",
"cnaID": "CNA-2022-0001",
"organizationName": "Dutch Institute for Vulnerability Disclosure (DIVD)",
- "scope": "Vulnerabilities in software discovered by DIVD, and vulnerabilities reported to DIVD for coordinated disclosure, which are not in another CNA’s scope",
+ "scope": "Vulnerabilities in software discovered by DIVD, and vulnerabilities reported to DIVD for coordinated disclosure, which are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -11969,7 +11969,7 @@
"shortName": "Baxter",
"cnaID": "CNA-2022-0002",
"organizationName": "Baxter Healthcare",
- "scope": "Baxter’s commercially available products only",
+ "scope": "Baxter’s commercially available products only.",
"contact": [
{
"email": [
@@ -12025,7 +12025,7 @@
"shortName": "Citrix",
"cnaID": "CNA-2022-0003",
"organizationName": "Citrix Systems, Inc.",
- "scope": "Citrix issues only",
+ "scope": "Citrix issues only.",
"contact": [
{
"email": [
@@ -12081,7 +12081,7 @@
"shortName": "JetBrains",
"cnaID": "CNA-2022-0004",
"organizationName": "JetBrains s.r.o.",
- "scope": "JetBrains products only",
+ "scope": "JetBrains products only.",
"contact": [
{
"email": [
@@ -12138,7 +12138,7 @@
"shortName": "Medtronic",
"cnaID": "CNA-2022-0005",
"organizationName": "Medtronic",
- "scope": "All products of Medtronic or a Medtronic company including supported products and end-of-life/end-of-service products, as well as vulnerabilities in third-party software discovered in Medtronic products that are not in another CNA’s scope",
+ "scope": "All products of Medtronic or a Medtronic company including supported products and end-of-life/end-of-service products, as well as vulnerabilities in third-party software discovered in Medtronic products that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -12194,7 +12194,7 @@
"shortName": "ASRG",
"cnaID": "CNA-2022-0006",
"organizationName": "Automotive Security Research Group (ASRG)",
- "scope": "All automotive and related infrastructure vulnerabilities that are not in another CNA’s scope",
+ "scope": "All automotive and related infrastructure vulnerabilities that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -12250,7 +12250,7 @@
"shortName": "Netskope",
"cnaID": "CNA-2022-0007",
"organizationName": "Netskope",
- "scope": "All Netskope products and services",
+ "scope": "All Netskope products and services.",
"contact": [
{
"email": [
@@ -12306,7 +12306,7 @@
"shortName": "Go",
"cnaID": "CNA-2022-0008",
"organizationName": "Go Project",
- "scope": "Vulnerabilities in software published by the Go Project (including the Go standard library, Go toolchain, and the golang.org modules) and publicly disclosed vulnerabilities in publicly importable packages in the Go ecosystem, unless covered by another CNA’s scope",
+ "scope": "Vulnerabilities in software published by the Go Project (including the Go standard library, Go toolchain, and the golang.org modules) and publicly disclosed vulnerabilities in publicly importable packages in the Go ecosystem, unless covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -12363,7 +12363,7 @@
"shortName": "GE_GP",
"cnaID": "CNA-2022-0009",
"organizationName": "General Electric (Gas Power)",
- "scope": "GE (Gas Power) issues only",
+ "scope": "GE (Gas Power) issues only.",
"contact": [
{
"email": [
@@ -12419,7 +12419,7 @@
"shortName": "ZUSO_ART",
"cnaID": "CNA-2022-0010",
"organizationName": "ZUSO Advanced Research Team (ZUSO ART)",
- "scope": "Vulnerabilities in third-party products discovered by ZUSO ART that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in third-party products discovered by ZUSO ART that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -12475,7 +12475,7 @@
"shortName": "Anolis",
"cnaID": "CNA-2022-0011",
"organizationName": "OpenAnolis",
- "scope": "OpenAnolis issues only",
+ "scope": "OpenAnolis issues only.",
"contact": [
{
"email": [
@@ -12532,7 +12532,7 @@
"shortName": "Philips",
"cnaID": "CNA-2022-0012",
"organizationName": "Philips",
- "scope": "Philips issues only",
+ "scope": "Philips issues only.",
"contact": [
{
"email": [
@@ -12588,7 +12588,7 @@
"shortName": "HYPR",
"cnaID": "CNA-2022-0013",
"organizationName": "HYPR Corp",
- "scope": "All HYPR products only",
+ "scope": "All HYPR products only.",
"contact": [
{
"email": [
@@ -12644,7 +12644,7 @@
"shortName": "Hitachi",
"cnaID": "CNA-2022-0014",
"organizationName": "Hitachi, Ltd.",
- "scope": "Hitachi products excluding Hitachi Energy and Hitachi Vantara products",
+ "scope": "Hitachi products excluding Hitachi Energy and Hitachi Vantara products.",
"contact": [
{
"email": [
@@ -12700,7 +12700,7 @@
"shortName": "Hallo_Welt",
"cnaID": "CNA-2022-0015",
"organizationName": "Hallo Welt! GmbH",
- "scope": "BlueSpice vulnerabilities only",
+ "scope": "BlueSpice vulnerabilities only.",
"contact": [
{
"email": [
@@ -12756,7 +12756,7 @@
"shortName": "SailPoint",
"cnaID": "CNA-2022-0016",
"organizationName": "SailPoint Technologies",
- "scope": "SailPoint issues only",
+ "scope": "SailPoint issues only.",
"contact": [
{
"email": [
@@ -12812,7 +12812,7 @@
"shortName": "Hitachi_Vantara",
"cnaID": "CNA-2022-0017",
"organizationName": "Hitachi Vantara",
- "scope": "All Hitachi Vantara products and technologies",
+ "scope": "All Hitachi Vantara products and technologies.",
"contact": [
{
"email": [
@@ -12876,7 +12876,7 @@
"shortName": "GE_Healthcare",
"cnaID": "CNA-2022-0018",
"organizationName": "GE Healthcare",
- "scope": "GE Healthcare products",
+ "scope": "GE Healthcare products.",
"contact": [
{
"email": [
@@ -12936,7 +12936,7 @@
"shortName": "openGauss",
"cnaID": "CNA-2022-0019",
"organizationName": "openGauss Community",
- "scope": "openGauss issues only",
+ "scope": "openGauss issues only.",
"contact": [
{
"email": [
@@ -12992,7 +12992,7 @@
"shortName": "FULL",
"cnaID": "CNA-2022-0020",
"organizationName": "FULL INTERNET",
- "scope": "All FULL products, as well as vulnerabilities in third-party software discovered by FULL that are not in another CNA’s scope",
+ "scope": "All FULL products, as well as vulnerabilities in third-party software discovered by FULL that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -13046,68 +13046,68 @@
]
},
"country": "Brazil"
- },
+ },
{
- "shortName": "The_Missing_Link",
- "cnaID": "CNA-2022-0021",
- "organizationName": "The Missing Link Australia (TML)",
- "scope": "TML vulnerability disclosure policy applies to any third-party vendor products to whom TML will assign the CVEs for vulnerabilities, if the product is not a part of another CNA scope",
- "contact": [
- {
- "email": [
- {
- "label": "Email",
- "emailAddr": "vdp@themissinglink.com.au"
- }
- ],
- "contact": [],
- "form": []
- }
- ],
- "disclosurePolicy": [
- {
- "label": "Policy",
- "language": "",
- "url": "https://www.themissinglink.com.au/vulnerability-disclosure-policy"
- }
- ],
- "securityAdvisories": {
- "alerts": [],
- "advisories": [
- {
- "label": "Advisories",
- "url": "https://www.themissinglink.com.au/security-advisories"
- }
- ]
- },
- "resources": [],
- "CNA": {
- "isRoot": false,
- "root": {
- "shortName": "n/a",
- "organizationName": "n/a"
- },
- "roles": [
- {
- "helpText": "",
- "role": "CNA"
- }
- ],
- "TLR": {
- "shortName": "mitre",
- "organizationName": "MITRE Corporation"
- },
- "type": [
- "Researcher"
- ]
- },
- "country": "Australia"
+ "shortName": "The_Missing_Link",
+ "cnaID": "CNA-2022-0021",
+ "organizationName": "The Missing Link Australia (TML)",
+ "scope": "TML vulnerability disclosure policy applies to any third-party vendor products to whom TML will assign the CVEs for vulnerabilities, if the product is not a part of another CNA scope.",
+ "contact": [
+ {
+ "email": [
+ {
+ "label": "Email",
+ "emailAddr": "vdp@themissinglink.com.au"
+ }
+ ],
+ "contact": [],
+ "form": []
+ }
+ ],
+ "disclosurePolicy": [
+ {
+ "label": "Policy",
+ "language": "",
+ "url": "https://www.themissinglink.com.au/vulnerability-disclosure-policy"
+ }
+ ],
+ "securityAdvisories": {
+ "alerts": [],
+ "advisories": [
+ {
+ "label": "Advisories",
+ "url": "https://www.themissinglink.com.au/security-advisories"
+ }
+ ]
+ },
+ "resources": [],
+ "CNA": {
+ "isRoot": false,
+ "root": {
+ "shortName": "n/a",
+ "organizationName": "n/a"
+ },
+ "roles": [
+ {
+ "helpText": "",
+ "role": "CNA"
+ }
+ ],
+ "TLR": {
+ "shortName": "mitre",
+ "organizationName": "MITRE Corporation"
+ },
+ "type": [
+ "Researcher"
+ ]
+ },
+ "country": "Australia"
},
{
"shortName": "NCSC-NL",
"cnaID": "CNA-2022-0022",
"organizationName": "National Cyber Security Centre Netherlands (NCSC-NL)",
- "scope": "Vulnerabilities in software discovered by NCSC-NL, and vulnerabilities reported to NCSC-NL for coordinated disclosure, which are not in another CNA's scope",
+ "scope": "Vulnerabilities in software discovered by NCSC-NL, and vulnerabilities reported to NCSC-NL for coordinated disclosure, which are not in another CNA's scope.",
"contact": [
{
"email": [
@@ -13168,7 +13168,7 @@
"shortName": "Dassault_Systemes",
"cnaID": "CNA-2022-0023",
"organizationName": "Dassault Systèmes",
- "scope": "All websites of the corporate group and of any subsidiaries, including but not limited to www.3ds.com and www.solidworks.com; all Software as a Service solutions, such as 3DEXPERIENCE or ScienceCloud, but also any online hosting linked to our brands; and all Dassault Systèmes licensed software products",
+ "scope": "All websites of the corporate group and of any subsidiaries, including but not limited to www.3ds.com and www.solidworks.com; all Software as a Service solutions, such as 3DEXPERIENCE or ScienceCloud, but also any online hosting linked to our brands; and all Dassault Systèmes licensed software products.",
"contact": [
{
"email": [
@@ -13224,7 +13224,7 @@
"shortName": "KNIME",
"cnaID": "CNA-2022-0024",
"organizationName": "KNIME AG",
- "scope": "All vulnerabilities on software products that our company provides, including KNIME Analytics Platform, KNIME Server, and KNIME Hub",
+ "scope": "All vulnerabilities on software products that our company provides, including KNIME Analytics Platform, KNIME Server, and KNIME Hub.",
"contact": [
{
"email": [
@@ -13277,67 +13277,67 @@
"country": "Switzerland"
},
{
- "shortName": "Unisoc",
- "cnaID": "CNA-2022-0025",
- "organizationName": "Unisoc (Shanghai) Technologies Co., Ltd.",
- "scope": "Unisoc issues only",
- "contact": [
- {
- "email": [
- {
- "label": "Email",
- "emailAddr": "security@unisoc.com"
- }
- ],
- "contact": [],
- "form": []
- }
- ],
- "disclosurePolicy": [
- {
- "label": "Policy",
- "language": "English",
- "url": "https://www.unisoc.com/en_us/secy/flawedPolicy"
- }
- ],
- "securityAdvisories": {
- "alerts": [],
- "advisories": [
- {
- "label": "Advisories",
- "language": "English",
- "url": "https://www.unisoc.com/en_us/secy/announcement"
- }
- ]
- },
- "resources": [],
- "CNA": {
- "isRoot": false,
- "root": {
- "shortName": "n/a",
- "organizationName": "n/a"
- },
- "roles": [
- {
- "helpText": "",
- "role": "CNA"
- }
- ],
- "TLR": {
- "shortName": "mitre",
- "organizationName": "MITRE Corporation"
- },
- "type": [
- "Vendor"
- ]
- },
- "country": "China"
+ "shortName": "Unisoc",
+ "cnaID": "CNA-2022-0025",
+ "organizationName": "Unisoc (Shanghai) Technologies Co., Ltd.",
+ "scope": "Unisoc issues only.",
+ "contact": [
+ {
+ "email": [
+ {
+ "label": "Email",
+ "emailAddr": "security@unisoc.com"
+ }
+ ],
+ "contact": [],
+ "form": []
+ }
+ ],
+ "disclosurePolicy": [
+ {
+ "label": "Policy",
+ "language": "English",
+ "url": "https://www.unisoc.com/en_us/secy/flawedPolicy"
+ }
+ ],
+ "securityAdvisories": {
+ "alerts": [],
+ "advisories": [
+ {
+ "label": "Advisories",
+ "language": "English",
+ "url": "https://www.unisoc.com/en_us/secy/announcement"
+ }
+ ]
+ },
+ "resources": [],
+ "CNA": {
+ "isRoot": false,
+ "root": {
+ "shortName": "n/a",
+ "organizationName": "n/a"
+ },
+ "roles": [
+ {
+ "helpText": "",
+ "role": "CNA"
+ }
+ ],
+ "TLR": {
+ "shortName": "mitre",
+ "organizationName": "MITRE Corporation"
+ },
+ "type": [
+ "Vendor"
+ ]
+ },
+ "country": "China"
},
{
"shortName": "OpenHarmony",
"cnaID": "CNA-2022-0026",
"organizationName": "OpenHarmony",
- "scope": "openHarmony issues only",
+ "scope": "openHarmony issues only.",
"contact": [
{
"email": [
@@ -13394,7 +13394,7 @@
"shortName": "Crestron",
"cnaID": "CNA-2022-0027",
"organizationName": "Crestron Electronics, Inc.",
- "scope": "Crestron products",
+ "scope": "Crestron products.",
"contact": [
{
"email": [
@@ -13450,7 +13450,7 @@
"shortName": "Rockwell",
"cnaID": "CNA-2022-0028",
"organizationName": "Rockwell Automation",
- "scope": "All Rockwell Automation products",
+ "scope": "All Rockwell Automation products.",
"contact": [
{
"email": [
@@ -13506,7 +13506,7 @@
"shortName": "OpenNMS",
"cnaID": "CNA-2022-0029",
"organizationName": "The OpenNMS Group",
- "scope": "OpenNMS issues only",
+ "scope": "OpenNMS issues only.",
"contact": [
{
"email": [
@@ -13564,7 +13564,7 @@
"shortName": "Dragos",
"cnaID": "CNA-2022-0030",
"organizationName": "Dragos, Inc.",
- "scope": "Dragos products and third-party products it researches related to operational technology (OT)/industrial control systems (ICS) not covered by another CNA",
+ "scope": "Dragos products and third-party products it researches related to operational technology (OT)/industrial control systems (ICS) not covered by another CNA.",
"contact": [
{
"email": [
@@ -13621,7 +13621,7 @@
"shortName": "CyberArk",
"cnaID": "CNA-2022-0031",
"organizationName": "CyberArk Labs",
- "scope": "Vulnerabilities discovered by CyberArk Labs that are not in another CNA’s scope",
+ "scope": "Vulnerabilities discovered by CyberArk Labs that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -13679,7 +13679,7 @@
"shortName": "DualVS",
"cnaID": "CNA-2022-0032",
"organizationName": "Dual Vipers LLC",
- "scope": "Dual Vipers projects and products (both open and closed source), as well as vulnerabilities in third-party software discovered by Dual Vipers that are not in another CNA’s scope",
+ "scope": "Dual Vipers projects and products (both open and closed source), as well as vulnerabilities in third-party software discovered by Dual Vipers that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -13739,7 +13739,7 @@
"shortName": "Bugcrowd",
"cnaID": "CNA-2022-0033",
"organizationName": "Bugcrowd Inc.",
- "scope": "Vulnerabilities discovered by researchers in collaboration with Bugcrowd, with approval of Bugcrowd’s clients, and not in the scope of another CNA",
+ "scope": "Vulnerabilities discovered by researchers in collaboration with Bugcrowd, with approval of Bugcrowd’s clients, and not in the scope of another CNA.",
"contact": [
{
"email": [
@@ -13798,7 +13798,7 @@
"shortName": "SK-CERT",
"cnaID": "CNA-2022-0034",
"organizationName": "National Cyber Security Centre SK-CERT",
- "scope": "Vulnerabilities in software discovered by National Cyber Security Centre SK-CERT, and vulnerabilities reported to National Cyber Security Centre SK-CERT for coordinated disclosure, which are not in another CNA’s scope",
+ "scope": "Vulnerabilities in software discovered by National Cyber Security Centre SK-CERT, and vulnerabilities reported to National Cyber Security Centre SK-CERT for coordinated disclosure, which are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -13855,7 +13855,7 @@
"shortName": "Baicells",
"cnaID": "CNA-2022-0035",
"organizationName": "Baicells Technologies Co., Ltd.",
- "scope": "All Baicells products",
+ "scope": "All Baicells products.",
"contact": [
{
"email": [
@@ -13912,7 +13912,7 @@
"shortName": "NetRise",
"cnaID": "CNA-2022-0036",
"organizationName": "NetRise",
- "scope": "Vulnerabilities in third-party Extended Internet of Things (XIoT) devices and firmware NetRise researches that are not covered by another CNA",
+ "scope": "Vulnerabilities in third-party Extended Internet of Things (XIoT) devices and firmware NetRise researches that are not covered by another CNA.",
"contact": [
{
"email": [
@@ -13968,7 +13968,7 @@
"shortName": "HashiCorp",
"cnaID": "CNA-2022-0037",
"organizationName": "HashiCorp Inc.",
- "scope": "All HashiCorp products and projects unless covered by another CNA’s scope",
+ "scope": "All HashiCorp products and projects unless covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -14025,7 +14025,7 @@
"shortName": "OpenCloudOS",
"cnaID": "CNA-2022-0038",
"organizationName": "OpenCloudOS Community",
- "scope": "OpenCloud OS issues only, not including EOL products, unless covered by another CNA’s scope",
+ "scope": "OpenCloud OS issues only, not including EOL products, unless covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -14082,7 +14082,7 @@
"shortName": "GreenRocketSecurity",
"cnaID": "CNA-2022-0039",
"organizationName": "Green Rocket Security Inc.",
- "scope": "Green Rocket Security products including EOL unless covered by another CNA’s scope",
+ "scope": "Green Rocket Security products including EOL unless covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -14139,7 +14139,7 @@
"shortName": "Seagate",
"cnaID": "CNA-2022-0040",
"organizationName": "Seagate Technology",
- "scope": "Any Seagate or LaCie software or hardware, open or closed source, supported and end of life, as well as any vulnerabilities in third-party software discovered by Seagate that are not in another CNA’s scope",
+ "scope": "Any Seagate or LaCie software or hardware, open or closed source, supported and end of life, as well as any vulnerabilities in third-party software discovered by Seagate that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -14198,7 +14198,7 @@
"shortName": "senhasegura",
"cnaID": "CNA-2022-0041",
"organizationName": "senhasegura",
- "scope": "Vulnerabilities in senhasegura products, and other vulnerabilities discovered by senhasegura that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in senhasegura products, and other vulnerabilities discovered by senhasegura that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -14256,7 +14256,7 @@
"shortName": "KrakenD",
"cnaID": "CNA-2022-0042",
"organizationName": "KrakenD, S.L.",
- "scope": "KrakenD EE, KrakenD CE, and Lura issues only",
+ "scope": "KrakenD EE, KrakenD CE, and Lura issues only.",
"contact": [
{
"email": [
@@ -14314,7 +14314,7 @@
"shortName": "ONEKEY",
"cnaID": "CNA-2022-0043",
"organizationName": "ONEKEY GmbH",
- "scope": "All ONEKEY products and vulnerabilities in third-party software discovered by ONEKEY that are not in another CNA’s scope",
+ "scope": "All ONEKEY products and vulnerabilities in third-party software discovered by ONEKEY that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -14371,7 +14371,7 @@
"shortName": "Zowe",
"cnaID": "CNA-2022-0044",
"organizationName": "Zowe",
- "scope": "Vulnerabilities in Zowe.org open source projects",
+ "scope": "Vulnerabilities in Zowe.org open source projects.",
"contact": [
{
"email": [
@@ -14428,7 +14428,7 @@
"shortName": "Honor",
"cnaID": "CNA-2022-0045",
"organizationName": "Honor Device Co., Ltd.",
- "scope": "Vulnerabilities in Honor products and services unless covered by the scope of another CNA",
+ "scope": "Vulnerabilities in Honor products and services unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -14485,7 +14485,7 @@
"shortName": "Honeywell",
"cnaID": "CNA-2022-0046",
"organizationName": "Honeywell International Inc.",
- "scope": "All Honeywell products",
+ "scope": "All Honeywell products.",
"contact": [
{
"email": [
@@ -14545,7 +14545,7 @@
"shortName": "Qualys",
"cnaID": "CNA-2022-0047",
"organizationName": "Qualys, Inc.",
- "scope": "All Qualys products and vulnerabilities discovered by Qualys that are not covered by another CNA’s scope",
+ "scope": "All Qualys products and vulnerabilities discovered by Qualys that are not covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -14603,7 +14603,7 @@
"shortName": "GRAFANA",
"cnaID": "CNA-2022-0048",
"organizationName": "Grafana Labs",
- "scope": "All Grafana Labs open source and commercial products",
+ "scope": "All Grafana Labs open source and commercial products.",
"contact": [
{
"email": [
@@ -14661,7 +14661,7 @@
"shortName": "wolfSSL",
"cnaID": "CNA-2022-0049",
"organizationName": "wolfSSL Inc.",
- "scope": "Transport Layer Security (TLS) and Cryptographic issues found in wolfSSL products",
+ "scope": "Transport Layer Security (TLS) and Cryptographic issues found in wolfSSL products.",
"contact": [
{
"email": [
@@ -14724,7 +14724,7 @@
"shortName": "Docker",
"cnaID": "CNA-2022-0050",
"organizationName": "Docker Inc.",
- "scope": "All Docker products, including Docker Desktop and Docker Hub, as well as Docker maintained open source projects",
+ "scope": "All Docker products, including Docker Desktop and Docker Hub, as well as Docker maintained open source projects.",
"contact": [
{
"email": [
@@ -14792,7 +14792,7 @@
"shortName": "Proofpoint",
"cnaID": "CNA-2022-0051",
"organizationName": "Proofpoint Inc.",
- "scope": "All Proofpoint products",
+ "scope": "All Proofpoint products.",
"contact": [
{
"email": [
@@ -14850,7 +14850,7 @@
"shortName": "Baidu",
"cnaID": "CNA-2022-0052",
"organizationName": "Baidu, Inc.",
- "scope": "Projects listed on Baidu’s PaddlePaddle GitHub website only",
+ "scope": "Projects listed on Baidu’s PaddlePaddle GitHub website only.",
"contact": [
{
"email": [
@@ -14964,7 +14964,7 @@
"shortName": "Checkmk",
"cnaID": "CNA-2022-0055",
"organizationName": "Checkmk GmbH",
- "scope": "All products of Checkmk GmbH including Checkmk and Checkmk Appliance, Nagvis, Robotmk, and packages published on exchange.checkmk.com",
+ "scope": "All products of Checkmk GmbH including Checkmk and Checkmk Appliance, Nagvis, Robotmk, and packages published on exchange.checkmk.com.",
"contact": [
{
"email": [
@@ -15022,7 +15022,7 @@
"shortName": "dotCMS",
"cnaID": "CNA-2023-0001",
"organizationName": "dotCMS LLC",
- "scope": "All dotCMS product services including the vulnerabilities reported in our open source core located at https://github.com/dotCMS/core",
+ "scope": "All dotCMS product services including the vulnerabilities reported in our open source core located at https://github.com/dotCMS/core.",
"contact": [
{
"email": [
@@ -15084,7 +15084,7 @@
"shortName": "DHIS2",
"cnaID": "CNA-2023-0002",
"organizationName": "The HISP Centre at the University of Oslo",
- "scope": "Security issues in DHIS2 open source web and mobile software applications",
+ "scope": "Security issues in DHIS2 open source web and mobile software applications.",
"contact": [
{
"email": [
@@ -15142,7 +15142,7 @@
"shortName": "NI",
"cnaID": "CNA-2023-0003",
"organizationName": "National Instruments",
- "scope": "NI products only (including National Instruments)",
+ "scope": "NI products only (including National Instruments).",
"contact": [
{
"email": [
@@ -15199,7 +15199,7 @@
"shortName": "Genetec",
"cnaID": "CNA-2023-0004",
"organizationName": "Genetec Inc.",
- "scope": "Genetec products and solutions only",
+ "scope": "Genetec products and solutions only.",
"contact": [
{
"email": [
@@ -15257,7 +15257,7 @@
"shortName": "AHA",
"cnaID": "CNA-2023-0005",
"organizationName": "Austin Hackers Anonymous",
- "scope": "Vulnerabilities in the AHA! website and other AHA! controlled assets, as well as vulnerabilities identified in assets owned, operated, or maintained by another organization unless covered by the scope of another CNA",
+ "scope": "Vulnerabilities in the AHA! website and other AHA! controlled assets, as well as vulnerabilities identified in assets owned, operated, or maintained by another organization unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -15314,7 +15314,7 @@
"shortName": "XI",
"cnaID": "CNA-2023-0006",
"organizationName": "Exodus Intelligence",
- "scope": "Vulnerabilities discovered by Exodus Intelligence as well as acquisitions from independent researchers via its Research Sponsorship Program (RSP)",
+ "scope": "Vulnerabilities discovered by Exodus Intelligence as well as acquisitions from independent researchers via its Research Sponsorship Program (RSP).",
"contact": [
{
"email": [
@@ -15372,7 +15372,7 @@
"shortName": "B.Braun",
"cnaID": "CNA-2023-0007",
"organizationName": "B. Braun SE",
- "scope": "B. Braun’s commercially available products only",
+ "scope": "B. Braun’s commercially available products only.",
"contact": [
{
"email": [
@@ -15428,7 +15428,7 @@
"shortName": "OX",
"cnaID": "CNA-2023-0008",
"organizationName": "Open-Xchange",
- "scope": "Products and services provided by Open-Xchange, PowerDNS, and Dovecot",
+ "scope": "Products and services provided by Open-Xchange, PowerDNS, and Dovecot.",
"contact": [
{
"email": [
@@ -15485,7 +15485,7 @@
"shortName": "Hillstone",
"cnaID": "CNA-2023-0009",
"organizationName": "Hillstone Networks Inc.",
- "scope": "Vulnerabilities in our products listed at https://www.hillstonenet.com/hillstone-networks-product-portfolio and the products we sell only in China listed at https://www.hillstonenet.com.cn/product_service/, not including our websites",
+ "scope": "Vulnerabilities in our products listed at https://www.hillstonenet.com/hillstone-networks-product-portfolio and the products we sell only in China listed at https://www.hillstonenet.com.cn/product_service/, not including our websites.",
"contact": [
{
"email": [
@@ -15541,7 +15541,7 @@
"shortName": "STAR_Labs",
"cnaID": "CNA-2023-0010",
"organizationName": "STAR Labs SG Pte. Ltd.",
- "scope": "Vulnerabilities discovered by, or reported to, STAR Labs SG that are not in another CNA’s scope",
+ "scope": "Vulnerabilities discovered by, or reported to, STAR Labs SG that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -15597,7 +15597,7 @@
"shortName": "ShopBeat",
"cnaID": "CNA-2023-0011",
"organizationName": "Shop Beat Solutions (Pty) LTD",
- "scope": "Vulnerabilities in Shop Beat products and services and vulnerabilities discovered by Shop Beat unless covered by the scope of another CNA",
+ "scope": "Vulnerabilities in Shop Beat products and services and vulnerabilities discovered by Shop Beat unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -15654,7 +15654,7 @@
"shortName": "SN",
"cnaID": "CNA-2023-0012",
"organizationName": "ServiceNow",
- "scope": "All ServiceNow products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by ServiceNow that are not in another CNA’s scope",
+ "scope": "All ServiceNow products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by ServiceNow that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -15712,7 +15712,7 @@
"shortName": "WatchGuard",
"cnaID": "CNA-2023-0013",
"organizationName": "WatchGuard Technologies, Inc.",
- "scope": "Vulnerabilities in all WatchGuard products and products of WatchGuard subsidiaries",
+ "scope": "Vulnerabilities in all WatchGuard products and products of WatchGuard subsidiaries.",
"contact": [
{
"email": [
@@ -15768,7 +15768,7 @@
"shortName": "IDEMIA",
"cnaID": "CNA-2023-0014",
"organizationName": "IDEMIA",
- "scope": "All IDEMIA products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by IDEMIA that are not in another CNA’s scope",
+ "scope": "All IDEMIA products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by IDEMIA that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -15825,7 +15825,7 @@
"shortName": "GandC",
"cnaID": "CNA-2023-0015",
"organizationName": "Glyph & Cog, LLC",
- "scope": "Xpdf open source project, including the xpdf viewer and associated command line tools",
+ "scope": "Xpdf open source project, including the xpdf viewer and associated command line tools.",
"contact": [
{
"email": [
@@ -15882,7 +15882,7 @@
"shortName": "Liferay",
"cnaID": "CNA-2023-0016",
"organizationName": "Liferay, Inc.",
- "scope": "All Liferay supported products and end-of-life/end-of-service products",
+ "scope": "All Liferay supported products and end-of-life/end-of-service products.",
"contact": [
{
"email": [
@@ -15938,7 +15938,7 @@
"shortName": "Securifera",
"cnaID": "CNA-2023-0017",
"organizationName": "Securifera, Inc.",
- "scope": "Vulnerabilities in vendor products discovered by Securifera, or related parties, while performing vulnerability research or security assessments",
+ "scope": "Vulnerabilities in vendor products discovered by Securifera, or related parties, while performing vulnerability research or security assessments.",
"contact": [
{
"email": [
@@ -15994,7 +15994,7 @@
"shortName": "CyberDanube",
"cnaID": "CNA-2023-0018",
"organizationName": "CyberDanube",
- "scope": "All CyberDanube products, as well as vulnerabilities in third-party hardware/software discovered by CyberDanube or partners actively engaged in vulnerability research coordination, which are not within the scope of another CNA",
+ "scope": "All CyberDanube products, as well as vulnerabilities in third-party hardware/software discovered by CyberDanube or partners actively engaged in vulnerability research coordination, which are not within the scope of another CNA.",
"contact": [
{
"email": [
@@ -16048,66 +16048,66 @@
"country": "Austria"
},
{
- "shortName": "StrongDM",
- "cnaID": "CNA-2023-0019",
- "organizationName": "StrongDM",
- "scope": "StrongDM issues only",
- "contact": [
- {
- "email": [
- {
- "label": "Email",
- "emailAddr": "security@strongdm.com"
- }
- ],
- "contact": [],
- "form": []
- }
- ],
- "disclosurePolicy": [
- {
- "label": "Policy",
- "language": "",
- "url": "https://hackerone.com/strongdm"
- }
- ],
- "securityAdvisories": {
- "alerts": [],
- "advisories": [
- {
- "label": "Advisories",
- "url": "https://www.strongdm.com/security/advisories"
- }
- ]
- },
- "resources": [],
- "CNA": {
- "isRoot": false,
- "root": {
- "shortName": "n/a",
- "organizationName": "n/a"
- },
- "roles": [
- {
- "helpText": "",
- "role": "CNA"
- }
- ],
- "TLR": {
- "shortName": "mitre",
- "organizationName": "MITRE Corporation"
- },
- "type": [
- "Vendor"
- ]
- },
- "country": "USA"
+ "shortName": "StrongDM",
+ "cnaID": "CNA-2023-0019",
+ "organizationName": "StrongDM",
+ "scope": "StrongDM issues only.",
+ "contact": [
+ {
+ "email": [
+ {
+ "label": "Email",
+ "emailAddr": "security@strongdm.com"
+ }
+ ],
+ "contact": [],
+ "form": []
+ }
+ ],
+ "disclosurePolicy": [
+ {
+ "label": "Policy",
+ "language": "",
+ "url": "https://hackerone.com/strongdm"
+ }
+ ],
+ "securityAdvisories": {
+ "alerts": [],
+ "advisories": [
+ {
+ "label": "Advisories",
+ "url": "https://www.strongdm.com/security/advisories"
+ }
+ ]
+ },
+ "resources": [],
+ "CNA": {
+ "isRoot": false,
+ "root": {
+ "shortName": "n/a",
+ "organizationName": "n/a"
+ },
+ "roles": [
+ {
+ "helpText": "",
+ "role": "CNA"
+ }
+ ],
+ "TLR": {
+ "shortName": "mitre",
+ "organizationName": "MITRE Corporation"
+ },
+ "type": [
+ "Vendor"
+ ]
+ },
+ "country": "USA"
},
{
"shortName": "SEL",
"cnaID": "CNA-2023-0020",
"organizationName": "Schweitzer Engineering Laboratories, Inc.",
- "scope": "All Schweitzer Engineering Laboratories products",
+ "scope": "All Schweitzer Engineering Laboratories products.",
"contact": [
{
"email": [
@@ -16163,7 +16163,7 @@
"shortName": "VulnCheck",
"cnaID": "CNA-2023-0021",
"organizationName": "VulnCheck",
- "scope": "Vulnerabilities discovered by, or reported to, VulnCheck that are not in another CNA’s scope",
+ "scope": "Vulnerabilities discovered by, or reported to, VulnCheck that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -16220,7 +16220,7 @@
"shortName": "Halborn",
"cnaID": "CNA-2023-0022",
"organizationName": "Halborn",
- "scope": "All blockchain and Web3 products that rely on smart contracts written in Rust, Go, and Solidity, as well as blockchain associated Web2 and Web3 infrastructure not covered by another CNA",
+ "scope": "All blockchain and Web3 products that rely on smart contracts written in Rust, Go, and Solidity, as well as blockchain associated Web2 and Web3 infrastructure not covered by another CNA.",
"contact": [
{
"email": [
@@ -16276,7 +16276,7 @@
"shortName": "Ribose",
"cnaID": "CNA-2023-0023",
"organizationName": "Ribose Limited",
- "scope": "All Ribose products and services, including open source projects, supported products, and end-of-life/end-of-service products",
+ "scope": "All Ribose products and services, including open source projects, supported products, and end-of-life/end-of-service products.",
"contact": [
{
"email": [
@@ -16334,7 +16334,7 @@
"shortName": "42Gears",
"cnaID": "CNA-2023-0024",
"organizationName": "42Gears Mobility Systems Pvt Ltd",
- "scope": "42Gears branded products and technologies only",
+ "scope": "42Gears branded products and technologies only.",
"contact": [
{
"email": [
@@ -16390,7 +16390,7 @@
"shortName": "Solidigm",
"cnaID": "CNA-2023-0025",
"organizationName": "Solidigm",
- "scope": "Solidigm branded products and technologies",
+ "scope": "Solidigm branded products and technologies.",
"contact": [
{
"email": [
@@ -16446,7 +16446,7 @@
"shortName": "Illumio",
"cnaID": "CNA-2023-0026",
"organizationName": "Illumio",
- "scope": "Illumio issues only",
+ "scope": "Illumio issues only.",
"contact": [
{
"email": [
@@ -16502,7 +16502,7 @@
"shortName": "BLSOPS",
"cnaID": "CNA-2023-0027",
"organizationName": "Black Lantern Security",
- "scope": "Vulnerabilities in vendor products discovered by BLSOPS, or related parties, while performing vulnerability research or security assessments, unless covered by another CNA’s scope",
+ "scope": "Vulnerabilities in vendor products discovered by BLSOPS, or related parties, while performing vulnerability research or security assessments, unless covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -16558,7 +16558,7 @@
"shortName": "IoT83",
"cnaID": "CNA-2023-0028",
"organizationName": "IoT83 Ltd",
- "scope": "Vulnerabilities in IoT83 product(s), services, and components only. Third-party, open source components used in IoT83 product(s), services, and components are not in scope",
+ "scope": "Vulnerabilities in IoT83 product(s), services, and components only. Third-party, open source components used in IoT83 product(s), services, and components are not in scope.",
"contact": [
{
"email": [
@@ -16614,7 +16614,7 @@
"shortName": "Moxa",
"cnaID": "CNA-2023-0029",
"organizationName": "Moxa Inc.",
- "scope": "Moxa products only",
+ "scope": "Moxa products only.",
"contact": [
{
"email": [
@@ -16670,7 +16670,7 @@
"shortName": "Temporal",
"cnaID": "CNA-2023-0030",
"organizationName": "Temporal Technologies Inc.",
- "scope": "All Temporal Technologies software",
+ "scope": "All Temporal Technologies software.",
"contact": [
{
"email": [
@@ -16727,7 +16727,7 @@
"shortName": "AMI",
"cnaID": "CNA-2023-0031",
"organizationName": "AMI",
- "scope": "Vulnerabilities in AMI firmware and software products, as well as vulnerabilities discovered by AMI that are not covered by another CNA scope",
+ "scope": "Vulnerabilities in AMI firmware and software products, as well as vulnerabilities discovered by AMI that are not covered by another CNA scope.",
"contact": [
{
"email": [
@@ -16793,7 +16793,7 @@
"shortName": "Payara",
"cnaID": "CNA-2023-0032",
"organizationName": "Payara",
- "scope": "All Payara Platform product distributions (Payara Server, Micro, Embedded) for both Enterprise (commercial) and Community (OSS) distributions",
+ "scope": "All Payara Platform product distributions (Payara Server, Micro, Embedded) for both Enterprise (commercial) and Community (OSS) distributions.",
"contact": [
{
"email": [
@@ -16859,7 +16859,7 @@
"shortName": "NCSC-FI",
"cnaID": "CNA-2023-0033",
"organizationName": "National Cyber Security Centre Finland (NCSC-FI)",
- "scope": "Vulnerabilities in software discovered by NCSC-FI, and vulnerabilities reported to NCSC-FI for coordinated disclosure, which are not in another CNA’s scope",
+ "scope": "Vulnerabilities in software discovered by NCSC-FI, and vulnerabilities reported to NCSC-FI for coordinated disclosure, which are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -16924,7 +16924,7 @@
"shortName": "samsung.tv_appliance",
"cnaID": "CNA-2023-0034",
"organizationName": "Samsung TV & Appliance",
- "scope": "Samsung TV & Appliance products, Samsung-owned open source projects listed on https://github.com/Samsung/, as well as vulnerabilities in third-party software discovered by Samsung that are not in another CNA’s scope. Vulnerabilities affecting end-of-life/end-of-service products are in scope. The following categories of Samsung Products are in scope: Internet-connected home appliances, B2C product (smart TV, smart monitor, soundbar, and projector), and B2B products (digital signage, interactive display, and kiosk)",
+ "scope": "Samsung TV & Appliance products, Samsung-owned open source projects listed on https://github.com/Samsung/, as well as vulnerabilities in third-party software discovered by Samsung that are not in another CNA’s scope. Vulnerabilities affecting end-of-life/end-of-service products are in scope. The following categories of Samsung Products are in scope: Internet-connected home appliances, B2C product (smart TV, smart monitor, soundbar, and projector), and B2B products (digital signage, interactive display, and kiosk).",
"contact": [
{
"email": [
@@ -16986,7 +16986,7 @@
"shortName": "SRA",
"cnaID": "CNA-2023-0035",
"organizationName": "Security Risk Advisors (SRA)",
- "scope": "Vulnerabilities discovered by SRA that are not within the scope of another CNA",
+ "scope": "Vulnerabilities discovered by SRA that are not within the scope of another CNA.",
"contact": [
{
"email": [
@@ -17042,7 +17042,7 @@
"shortName": "Arm",
"cnaID": "CNA-2023-0036",
"organizationName": "Arm Limited",
- "scope": "Arm-branded products and technologies and Arm-managed open source projects",
+ "scope": "Arm-branded products and technologies and Arm-managed open source projects.",
"contact": [
{
"email": [
@@ -17099,7 +17099,7 @@
"shortName": "ODA",
"cnaID": "CNA-2023-0037",
"organizationName": "Open Design Alliance",
- "scope": "Open Design Alliance products only",
+ "scope": "Open Design Alliance products only.",
"contact": [
{
"email": [
@@ -17155,7 +17155,7 @@
"shortName": "BHV",
"cnaID": "CNA-2023-0038",
"organizationName": "Biohacking Village",
- "scope": "Vulnerabilities discovered by researchers in collaboration with Biohacking Village, with approval of Biohacking Village’s sponsors, that are not in another CNA’s scope",
+ "scope": "Vulnerabilities discovered by researchers in collaboration with Biohacking Village, with approval of Biohacking Village’s sponsors, that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -17211,7 +17211,7 @@
"shortName": "Gitea",
"cnaID": "CNA-2023-0039",
"organizationName": "Gitea Limited",
- "scope": "Gitea issues only",
+ "scope": "Gitea issues only.",
"contact": [
{
"email": [
@@ -17268,7 +17268,7 @@
"shortName": "Google_Devices",
"cnaID": "CNA-2023-0040",
"organizationName": "Google Devices",
- "scope": "Google Devices - Pixel, Nest, and Chromecast",
+ "scope": "Google Devices - Pixel, Nest, and Chromecast.",
"contact": [
{
"email": [
@@ -17332,7 +17332,7 @@
"shortName": "MIM",
"cnaID": "CNA-2023-0041",
"organizationName": "MIM Software Inc.",
- "scope": "MIM software products, platforms, and services as well as vulnerabilities reported to MIM Software in third-party components or libraries used by MIM Software products, platforms, and services not covered by another CNA",
+ "scope": "MIM software products, platforms, and services as well as vulnerabilities reported to MIM Software in third-party components or libraries used by MIM Software products, platforms, and services not covered by another CNA.",
"contact": [
{
"email": [
@@ -17388,7 +17388,7 @@
"shortName": "IDBS",
"cnaID": "CNA-2023-0042",
"organizationName": "ID Business Solutions",
- "scope": "IDBS products as listed on https://www.idbs.com/products/",
+ "scope": "IDBS products as listed on https://www.idbs.com/products/.",
"contact": [
{
"email": [],
@@ -17444,7 +17444,7 @@
"shortName": "Hanwha_Vision",
"cnaID": "CNA-2023-0043",
"organizationName": "Hanwha Vision Co., Ltd.",
- "scope": "Hanwha Vision (formerly Samsung Techwin and Hanwha Techwin) products and solutions only, including end-of-life (EOL)",
+ "scope": "Hanwha Vision (formerly Samsung Techwin and Hanwha Techwin) products and solutions only, including end-of-life (EOL).",
"contact": [
{
"email": [
@@ -17500,7 +17500,7 @@
"shortName": "CrowdStrike",
"cnaID": "CNA-2023-0044",
"organizationName": "CrowdStrike Holdings, Inc.",
- "scope": "All CrowdStrike products",
+ "scope": "All CrowdStrike products.",
"contact": [
{
"email": [
@@ -17556,7 +17556,7 @@
"shortName": "ProgressSoftware",
"cnaID": "CNA-2023-0045",
"organizationName": "Progress Software Corporation",
- "scope": "Vulnerabilities in software published and maintained by Progress Software Corporation",
+ "scope": "Vulnerabilities in software published and maintained by Progress Software Corporation.",
"contact": [
{
"email": [
@@ -17612,7 +17612,7 @@
"shortName": "CERT-PL",
"cnaID": "CNA-2023-0046",
"organizationName": "CERT.PL",
- "scope": "Vulnerabilities in software discovered by CERT.PL, and vulnerabilities reported to CERT.PL for coordinated disclosure, which are not in another CNA’s scope",
+ "scope": "Vulnerabilities in software discovered by CERT.PL, and vulnerabilities reported to CERT.PL for coordinated disclosure, which are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -17686,7 +17686,7 @@
"shortName": "CISA",
"cnaID": "CNA-2023-0047",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)",
- "scope": "Top-Level Root Scope: Vulnerabilities that are (1) reported to or observed by CISA and (2) affect critical infrastructure, U.S. civilian government, industrial control systems, or medical devices, and (3) are not covered by another CNA’s scope ADP Scope: View scope here",
+ "scope": "Top-Level Root Scope: Vulnerabilities that are (1) reported to or observed by CISA and (2) affect critical infrastructure, U.S. civilian government, industrial control systems, or medical devices, and (3) are not covered by another CNA’s scope. ADP Scope: View scope here.",
"contact": [
{
"email": [],
@@ -17746,7 +17746,7 @@
"shortName": "cisa-cg",
"cnaID": "CNA-2023-0048",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government",
- "scope": "Vulnerabilities that are (1) reported to or observed by CISA, (2) affect critical infrastructure or U.S. civilian government, and (3) are not covered by another CNA’s scope",
+ "scope": "Vulnerabilities that are (1) reported to or observed by CISA, (2) affect critical infrastructure or U.S. civilian government, and (3) are not covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -17803,7 +17803,7 @@
"shortName": "Phoenix",
"cnaID": "CNA-2023-0049",
"organizationName": "Phoenix Technologies, Inc.",
- "scope": "All Phoenix Technologies products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Phoenix Technologies that are not in another CNA’s scope",
+ "scope": "All Phoenix Technologies products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Phoenix Technologies that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -17861,7 +17861,7 @@
"shortName": "VULSec",
"cnaID": "CNA-2023-0050",
"organizationName": "VULSec Labs",
- "scope": "Vulnerabilities discovered by, or reported to, VULSec Labs that are not in another CNA’s scope",
+ "scope": "Vulnerabilities discovered by, or reported to, VULSec Labs that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -17918,7 +17918,7 @@
"shortName": "Mandiant",
"cnaID": "CNA-2023-0051",
"organizationName": "Mandiant Inc.",
- "scope": "Vulnerabilities in Mandiant products or discovered by Mandiant while performing vulnerability research or security assessments, unless covered by another CNA’s scope",
+ "scope": "Vulnerabilities in Mandiant products or discovered by Mandiant while performing vulnerability research or security assessments, unless covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -17975,7 +17975,7 @@
"shortName": "PureStorage",
"cnaID": "CNA-2023-0052",
"organizationName": "Pure Storage, Inc.",
- "scope": "Pure Storage products only",
+ "scope": "Pure Storage products only.",
"contact": [
{
"email": [
@@ -18031,7 +18031,7 @@
"shortName": "PSF",
"cnaID": "CNA-2023-0053",
"organizationName": "Python Software Foundation",
- "scope": "Only supported and end-of-life Python versions available at https://python.org/downloads and pip versions available at https://pypi.org/project/pip, Pallets projects available at https://github.com/pallets (such as Flask, Jinja, Click, MarkupSafe, Werkzeug, and ItsDangerous), and excluding distributions of Python, pip, and Pallets projects maintained by third-party redistributors",
+ "scope": "Only supported and end-of-life Python versions available at https://python.org/downloads and pip versions available at https://pypi.org/project/pip, Pallets projects available at https://github.com/pallets (such as Flask, Jinja, Click, MarkupSafe, Werkzeug, and ItsDangerous), and excluding distributions of Python, pip, and Pallets projects maintained by third-party redistributors.",
"contact": [
{
"email": [
@@ -18088,7 +18088,7 @@
"shortName": "securin",
"cnaID": "CNA-2023-0054",
"organizationName": "Securin",
- "scope": "Vulnerabilities found in Securin products and services (including end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Securin that are not in another CNA’s scope",
+ "scope": "Vulnerabilities found in Securin products and services (including end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Securin that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -18146,7 +18146,7 @@
"shortName": "Nokia",
"cnaID": "CNA-2023-0055",
"organizationName": "Nokia",
- "scope": "All vulnerabilities in Nokia products",
+ "scope": "All vulnerabilities in Nokia products.",
"contact": [
{
"email": [
@@ -18202,7 +18202,7 @@
"shortName": "ICT",
"cnaID": "CNA-2023-0056",
"organizationName": "Integrated Control Technology LTD",
- "scope": "All ICT security products",
+ "scope": "All ICT security products.",
"contact": [
{
"email": [
@@ -18258,7 +18258,7 @@
"shortName": "Xerox",
"cnaID": "CNA-2023-0057",
"organizationName": "Xerox Corporation",
- "scope": "Xerox Corporation issues only",
+ "scope": "Xerox Corporation issues only.",
"contact": [
{
"email": [
@@ -18315,7 +18315,7 @@
"shortName": "SoftIron",
"cnaID": "CNA-2023-0058",
"organizationName": "SoftIron",
- "scope": "SoftIron HyperCloud branded products and technologies only",
+ "scope": "SoftIron HyperCloud branded products and technologies only.",
"contact": [
{
"email": [
@@ -18371,7 +18371,7 @@
"shortName": "ADI",
"cnaID": "CNA-2023-0059",
"organizationName": "Analog Devices, Inc.",
- "scope": "Vulnerabilities in ADI firmware and software products",
+ "scope": "Vulnerabilities in ADI firmware and software products.",
"contact": [
{
"email": [
@@ -18427,7 +18427,7 @@
"shortName": "AlgoSec",
"cnaID": "CNA-2023-0060",
"organizationName": "AlgoSec",
- "scope": "AlgoSec products only",
+ "scope": "AlgoSec products only.",
"contact": [
{
"email": [
@@ -18539,7 +18539,7 @@
"shortName": "1E",
"cnaID": "CNA-2023-0062",
"organizationName": "1E Limited",
- "scope": "All 1E products (including end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by 1E that are not in another CNA’s scope",
+ "scope": "All 1E products (including end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by 1E that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -18596,7 +18596,7 @@
"shortName": "Lexmark",
"cnaID": "CNA-2023-0063",
"organizationName": "Lexmark International Inc.",
- "scope": "Lexmark products only",
+ "scope": "Lexmark products only.",
"contact": [
{
"email": [
@@ -18652,7 +18652,7 @@
"shortName": "KeeperSecurity",
"cnaID": "CNA-2023-0064",
"organizationName": "Keeper Security, Inc.",
- "scope": "Keeper Security products and services only",
+ "scope": "Keeper Security products and services only.",
"contact": [
{
"email": [
@@ -18713,7 +18713,7 @@
"shortName": "Caliptra",
"cnaID": "CNA-2023-0065",
"organizationName": "Caliptra Project",
- "scope": "Caliptra Project components and vulnerabilities that are not in another CNA’s scope",
+ "scope": "Caliptra Project components and vulnerabilities that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -18769,7 +18769,7 @@
"shortName": "PaperCut",
"cnaID": "CNA-2023-0066",
"organizationName": "PaperCut Software Pty Ltd",
- "scope": "PaperCut MF, PaperCut NG, PaperCut Hive, PaperCut Pocket, PaperCut Mobility Print, QRdoc, PaperCut Views, PaperCut Multiverse, https://www.papercut.com, and all other PaperCut products and services",
+ "scope": "PaperCut MF, PaperCut NG, PaperCut Hive, PaperCut Pocket, PaperCut Mobility Print, QRdoc, PaperCut Views, PaperCut Multiverse, https://www.papercut.com, and all other PaperCut products and services.",
"contact": [
{
"email": [
@@ -18825,7 +18825,7 @@
"shortName": "WrenSecurity",
"cnaID": "CNA-2023-0067",
"organizationName": "Wren Security",
- "scope": "Wren Security maintained software",
+ "scope": "Wren Security maintained software.",
"contact": [
{
"email": [
@@ -18889,7 +18889,7 @@
"shortName": "KCFTech",
"cnaID": "CNA-2023-0068",
"organizationName": "KCF Technologies, Inc.",
- "scope": "All KCF Technologies products including base stations, repeaters, numerous sensor types, and the SMARTdiagnostics cloud software",
+ "scope": "All KCF Technologies products including base stations, repeaters, numerous sensor types, and the SMARTdiagnostics cloud software.",
"contact": [
{
"email": [
@@ -18946,7 +18946,7 @@
"shortName": "YokogawaGroup",
"cnaID": "CNA-2023-0069",
"organizationName": "Yokogawa Group",
- "scope": "Yokogawa Group companies’ products and Yokogawa Group subsidiaries’ products",
+ "scope": "Yokogawa Group companies’ products and Yokogawa Group subsidiaries’ products.",
"contact": [
{
"email": [],
@@ -19006,7 +19006,7 @@
"shortName": "libreswan",
"cnaID": "CNA-2023-0070",
"organizationName": "Libreswan Project",
- "scope": "Libreswan software",
+ "scope": "Libreswan software.",
"contact": [
{
"email": [
@@ -19063,7 +19063,7 @@
"shortName": "NX",
"cnaID": "CNA-2023-0071",
"organizationName": "Network Optix",
- "scope": "All Network Optix products, including https://www.networkoptix.com/nx-witness and https://www.networkoptix.com/powered-by-nx",
+ "scope": "All Network Optix products, including https://www.networkoptix.com/nx-witness and https://www.networkoptix.com/powered-by-nx.",
"contact": [
{
"email": [
@@ -19120,7 +19120,7 @@
"shortName": "Dfinity",
"cnaID": "CNA-2023-0072",
"organizationName": "DFINITY Foundation",
- "scope": "All Internet Computer projects as found on the following GitHub pages: https://github.com/dfinity and https://github.com/dfinity-lab",
+ "scope": "All Internet Computer projects as found on the following GitHub pages: https://github.com/dfinity and https://github.com/dfinity-lab.",
"contact": [
{
"email": [
@@ -19177,7 +19177,7 @@
"shortName": "SEC-VLab",
"cnaID": "CNA-2023-0073",
"organizationName": "SEC Consult Vulnerability Lab",
- "scope": "All vulnerabilities discovered in third-party hardware/software by SEC Consult Vulnerability Lab (part of SEC Consult, an Eviden business), which are not in another CNA’s scope",
+ "scope": "All vulnerabilities discovered in third-party hardware/software by SEC Consult Vulnerability Lab (part of SEC Consult, an Eviden business), which are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -19233,7 +19233,7 @@
"shortName": "OTORIO",
"cnaID": "CNA-2023-0074",
"organizationName": "OTORIO LTD.",
- "scope": "All OTORIO products, as well as vulnerabilities in third-party software discovered by OTORIO that are not in another CNA’s scope",
+ "scope": "All OTORIO products, as well as vulnerabilities in third-party software discovered by OTORIO that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -19290,7 +19290,7 @@
"shortName": "SmileDigitalHealth",
"cnaID": "CNA-2023-0075",
"organizationName": "Smile CDR Inc. (doing business as “Smile Digital Health”)",
- "scope": "All Smile Digital Health products and HAPI FHIR",
+ "scope": "All Smile Digital Health products and HAPI FHIR.",
"contact": [
{
"email": [
@@ -19347,7 +19347,7 @@
"shortName": "WSO2",
"cnaID": "CNA-2023-0076",
"organizationName": "WSO2 LLC",
- "scope": "WSO2 products and services scoped under Responsible Disclosure Program https://security.docs.wso2.com/en/latest/security-reporting/reward-and-acknowledgement-program/#products-services-in-scope",
+ "scope": "WSO2 products and services scoped under Responsible Disclosure Program https://security.docs.wso2.com/en/latest/security-reporting/reward-and-acknowledgement-program/#products-services-in-scope.",
"contact": [
{
"email": [
@@ -19405,7 +19405,7 @@
"shortName": "ARCON",
"cnaID": "CNA-2023-0077",
"organizationName": "ARCON Techsolutions Private Limited",
- "scope": "Vulnerabilities in ARCON’s products only",
+ "scope": "Vulnerabilities in ARCON’s products only.",
"contact": [
{
"email": [
@@ -19461,7 +19461,7 @@
"shortName": "Checkmarx",
"cnaID": "CNA-2023-0078",
"organizationName": "Checkmarx",
- "scope": "Vulnerabilities in Checkmarx products and open source vulnerabilities discovered by, or reported to, Checkmarx, that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in Checkmarx products and open source vulnerabilities discovered by, or reported to, Checkmarx, that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -19519,7 +19519,7 @@
"shortName": "ASR",
"cnaID": "CNA-2023-0079",
"organizationName": "ASR Microelectronics Co., Ltd.",
- "scope": "ASR products only",
+ "scope": "ASR products only.",
"contact": [
{
"email": [
@@ -19575,7 +19575,7 @@
"shortName": "Ciena",
"cnaID": "CNA-2023-0080",
"organizationName": "Ciena Corporation",
- "scope": "Ciena and Blue Planet branded products and technologies only",
+ "scope": "Ciena and Blue Planet branded products and technologies only.",
"contact": [
{
"email": [
@@ -19631,7 +19631,7 @@
"shortName": "ManageEngine",
"cnaID": "CNA-2023-0081",
"organizationName": "ManageEngine",
- "scope": "ManageEngine products only",
+ "scope": "ManageEngine products only.",
"contact": [
{
"email": [
@@ -19687,7 +19687,7 @@
"shortName": "Fortra",
"cnaID": "CNA-2023-0082",
"organizationName": "Fortra, LLC",
- "scope": "All Fortra products and vulnerabilities discovered by Fortra in other products not covered by the scope of another CNA",
+ "scope": "All Fortra products and vulnerabilities discovered by Fortra in other products not covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -19744,7 +19744,7 @@
"shortName": "EDB",
"cnaID": "CNA-2023-0083",
"organizationName": "EnterpriseDB Corporation",
- "scope": "All EnterpriseDB products and vulnerabilities identified in open source libraries used by EnterpriseDB products unless covered by another CNA’s scope",
+ "scope": "All EnterpriseDB products and vulnerabilities identified in open source libraries used by EnterpriseDB products unless covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -19801,7 +19801,7 @@
"shortName": "HiddenLayer",
"cnaID": "CNA-2023-0084",
"organizationName": "HiddenLayer, Inc.",
- "scope": "All HiddenLayer systems, services, and products, as well as vulnerabilities in third-party software discovered by HiddenLayer that are not in another CNA’s scope",
+ "scope": "All HiddenLayer systems, services, and products, as well as vulnerabilities in third-party software discovered by HiddenLayer that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -19859,7 +19859,7 @@
"shortName": "arcinfo",
"cnaID": "CNA-2023-0085",
"organizationName": "ARC Informatique",
- "scope": "ARC Informatique products and services",
+ "scope": "ARC Informatique products and services.",
"contact": [
{
"email": [
@@ -19915,7 +19915,7 @@
"shortName": "ConcreteCMS",
"cnaID": "CNA-2024-0001",
"organizationName": "Concrete CMS",
- "scope": "Concrete CMS Core versions 8.5 and above",
+ "scope": "Concrete CMS Core versions 8.5 and above.",
"contact": [
{
"email": [
@@ -19980,7 +19980,7 @@
"shortName": "Pentraze",
"cnaID": "CNA-2024-0002",
"organizationName": "Pentraze Cybersecurity",
- "scope": "Vulnerabilities in third-party software discovered by Pentraze Cybersecurity that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in third-party software discovered by Pentraze Cybersecurity that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -20036,7 +20036,7 @@
"shortName": "ELAN",
"cnaID": "CNA-2024-0003",
"organizationName": "ELAN Microelectronics Corp.",
- "scope": "ELAN issues only",
+ "scope": "ELAN issues only.",
"contact": [
{
"email": [
@@ -20096,7 +20096,7 @@
"shortName": "ChromeOS",
"cnaID": "CNA-2024-0004",
"organizationName": "ChromeOS Project",
- "scope": "Vulnerabilities that are (1) reported to ChromeOS Security, (2) affect ChromeOS device software and hardware, including our open source dependencies, and (3) are not covered by another CNA’s scope",
+ "scope": "Vulnerabilities that are (1) reported to ChromeOS Security, (2) affect ChromeOS device software and hardware, including our open source dependencies, and (3) are not covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -20153,7 +20153,7 @@
"shortName": "PostgreSQL",
"cnaID": "CNA-2024-0005",
"organizationName": "PostgreSQL",
- "scope": "postgresql.org/download software and related projects listed at postgresql.org/support/security",
+ "scope": "postgresql.org/download software and related projects listed at postgresql.org/support/security.",
"contact": [
{
"email": [
@@ -20209,7 +20209,7 @@
"shortName": "curl",
"cnaID": "CNA-2024-0006",
"organizationName": "curl",
- "scope": "All products made and managed by the curl project. This includes curl, libcurl, and trurl",
+ "scope": "All products made and managed by the curl project. This includes curl, libcurl, and trurl.",
"contact": [
{
"email": [
@@ -20265,7 +20265,7 @@
"shortName": "milestonesys",
"cnaID": "CNA-2024-0007",
"organizationName": "Milestone Systems A/S",
- "scope": "Supported Milestone XProtect products",
+ "scope": "Supported Milestone XProtect products.",
"contact": [
{
"email": [
@@ -20321,7 +20321,7 @@
"shortName": "ENISA",
"cnaID": "CNA-2024-0008",
"organizationName": "EU Agency for Cybersecurity (ENISA)",
- "scope": "Vulnerabilities in information technology (IT) products discovered by European Union (EU) Computer Security Incident Response Teams (CSIRTs) or reported to EU CSIRTs for coordinated disclosure, as long as they do not fall under a CNA with a more specific scope",
+ "scope": "Vulnerabilities in information technology (IT) products discovered by European Union (EU) Computer Security Incident Response Teams (CSIRTs) or reported to EU CSIRTs for coordinated disclosure, as long as they do not fall under a CNA with a more specific scope.",
"contact": [
{
"email": [],
@@ -20377,7 +20377,7 @@
"shortName": "Sonatype",
"cnaID": "CNA-2024-0009",
"organizationName": "Sonatype Inc.",
- "scope": "All Sonatype products and vulnerabilities in third-party software discovered by Sonatype that are not in another CNA’s scope",
+ "scope": "All Sonatype products and vulnerabilities in third-party software discovered by Sonatype that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -20434,7 +20434,7 @@
"shortName": "ERIC",
"cnaID": "CNA-2024-0010",
"organizationName": "Ericsson",
- "scope": "Ericsson issues only",
+ "scope": "Ericsson issues only.",
"contact": [
{
"email": [
@@ -20490,7 +20490,7 @@
"shortName": "tlt_net",
"cnaID": "CNA-2024-0011",
"organizationName": "Teltonika Networks",
- "scope": "Teltonika Networks products and services only",
+ "scope": "Teltonika Networks products and services only.",
"contact": [
{
"email": [],
@@ -20546,7 +20546,7 @@
"shortName": "FSI",
"cnaID": "CNA-2024-0012",
"organizationName": "Financial Security Institute (FSI)",
- "scope": "Vulnerability assignment related to FSI’s vulnerability coordination role in the South Korea financial sector that are not in another CNA’s scope",
+ "scope": "Vulnerability assignment related to FSI’s vulnerability coordination role in the South Korea financial sector that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -20604,7 +20604,7 @@
"shortName": "glibc",
"cnaID": "CNA-2024-0013",
"organizationName": "GNU C Library",
- "scope": "Security issues and vulnerabilities in the GNU C Library",
+ "scope": "Security issues and vulnerabilities in the GNU C Library.",
"contact": [
{
"email": [
@@ -20660,7 +20660,7 @@
"shortName": "teleport",
"cnaID": "CNA-2024-0014",
"organizationName": "Teleport",
- "scope": "All Teleport (Gravitational, Inc.) products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Teleport that are not in another CNA’s scope",
+ "scope": "All Teleport (Gravitational, Inc.) products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Teleport that are not in another CNA’s scope.",
"contact": [
{
"email": [],
@@ -20723,7 +20723,7 @@
"shortName": "BT",
"cnaID": "CNA-2024-0015",
"organizationName": "BeyondTrust Inc.",
- "scope": "All BeyondTrust products, including PasswordSafe, Privileged Remote Access, Remote Support, Privilege Management for Windows/Mac, Privilege Management for Unix/Linux, Identity Security Insights, Active Directory (AD) Bridge, and Total PASM",
+ "scope": "All BeyondTrust products, including PasswordSafe, Privileged Remote Access, Remote Support, Privilege Management for Windows/Mac, Privilege Management for Unix/Linux, Identity Security Insights, Active Directory (AD) Bridge, and Total PASM.",
"contact": [
{
"email": [
@@ -20779,7 +20779,7 @@
"shortName": "Linux",
"cnaID": "CNA-2024-0016",
"organizationName": "kernel.org",
- "scope": "Any vulnerabilities in the Linux kernel as listed on kernel.org, excluding end-of-life (EOL) versions",
+ "scope": "Any vulnerabilities in the Linux kernel as listed on kernel.org, excluding end-of-life (EOL) versions.",
"contact": [
{
"email": [
@@ -20836,7 +20836,7 @@
"shortName": "DevCycle",
"cnaID": "CNA-2024-0017",
"organizationName": "DevCycle",
- "scope": "All DevCycle products (including end-of-life/end-of-service products) as listed on https://devcycle.com/",
+ "scope": "All DevCycle products (including end-of-life/end-of-service products) as listed on https://devcycle.com/.",
"contact": [
{
"email": [
@@ -20894,7 +20894,7 @@
"shortName": "directcyber",
"cnaID": "CNA-2024-0018",
"organizationName": "DirectCyber",
- "scope": "Issues in third-party products identified by or reported to DirectCyber, unless covered by the scope of another CNA",
+ "scope": "Issues in third-party products identified by or reported to DirectCyber, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -20951,7 +20951,7 @@
"shortName": "sec1",
"cnaID": "CNA-2024-0019",
"organizationName": "Sec1",
- "scope": "Vulnerabilities found in cybersecurity software solutions developed and maintained by Sec1 as listed on https://sec1.io/, and vulnerabilities identified in software projects or products where Sec1 has a direct and substantial contribution or partnership, unless covered by the scope of another CNA",
+ "scope": "Vulnerabilities found in cybersecurity software solutions developed and maintained by Sec1 as listed on https://sec1.io/, and vulnerabilities identified in software projects or products where Sec1 has a direct and substantial contribution or partnership, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -21007,7 +21007,7 @@
"shortName": "TECNOMobile",
"cnaID": "CNA-2024-0020",
"organizationName": "TECNO Mobile Limited",
- "scope": "Vulnerabilities in TECNO products and services only",
+ "scope": "Vulnerabilities in TECNO products and services only.",
"contact": [
{
"email": [
@@ -21063,7 +21063,7 @@
"shortName": "CoolKit",
"cnaID": "CNA-2024-0021",
"organizationName": "SHENZHEN CoolKit Technology CO., LTD.",
- "scope": "Products of eWeLink Solutions only, details are available at https://ewelink.cc/our-projects-scope/",
+ "scope": "Products of eWeLink Solutions only, details are available at https://ewelink.cc/our-projects-scope/.",
"contact": [
{
"email": [],
@@ -21119,7 +21119,7 @@
"shortName": "openam-jp",
"cnaID": "CNA-2024-0022",
"organizationName": "OpenAM Consortium",
- "scope": "Open source projects hosted on https://github.com/openam-jp",
+ "scope": "Open source projects hosted on https://github.com/openam-jp.",
"contact": [
{
"email": [
@@ -21176,7 +21176,7 @@
"shortName": "rami.io",
"cnaID": "CNA-2024-0023",
"organizationName": "rami.io GmbH",
- "scope": "All rami.io GmbH products and open source projects, including pretix, official pretix plugins and apps, and Venueless",
+ "scope": "All rami.io GmbH products and open source projects, including pretix, official pretix plugins and apps, and Venueless.",
"contact": [
{
"email": [
@@ -21234,7 +21234,7 @@
"shortName": "Dremio",
"cnaID": "CNA-2024-0024",
"organizationName": "Dremio Corporation",
- "scope": "All Dremio Corporation products",
+ "scope": "All Dremio Corporation products.",
"contact": [
{
"email": [
@@ -21291,7 +21291,7 @@
"shortName": "JAMF",
"cnaID": "CNA-2024-0025",
"organizationName": "Jamf",
- "scope": "Jamf issues and Jamf Open Source",
+ "scope": "Jamf issues and Jamf Open Source.",
"contact": [
{
"email": [
@@ -21352,7 +21352,7 @@
"shortName": "Edgewatch",
"cnaID": "CNA-2024-0026",
"organizationName": "Edgewatch Security Intelligence",
- "scope": "Vulnerabilities in third-party software discovered by Edgewatch that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in third-party software discovered by Edgewatch that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -21409,7 +21409,7 @@
"shortName": "cirosec",
"cnaID": "CNA-2024-0027",
"organizationName": "cirosec GmbH",
- "scope": "Vulnerabilities discovered by or reported to cirosec researchers that are not in another CNA’s scope",
+ "scope": "Vulnerabilities discovered by or reported to cirosec researchers that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -21465,7 +21465,7 @@
"shortName": "Microchip",
"cnaID": "CNA-2024-0028",
"organizationName": "Microchip Technology",
- "scope": "Microchip Technology products only",
+ "scope": "Microchip Technology products only.",
"contact": [
{
"email": [
@@ -21521,7 +21521,7 @@
"shortName": "Tego_Cyber",
"cnaID": "CNA-2024-0029",
"organizationName": "Tego Cyber, Inc.",
- "scope": "Tego Cyber issues and vulnerabilities discovered by Tego in third-party products, unless covered under the scope of another CNA",
+ "scope": "Tego Cyber issues and vulnerabilities discovered by Tego in third-party products, unless covered under the scope of another CNA.",
"contact": [
{
"email": [
@@ -21578,7 +21578,7 @@
"shortName": "N-able",
"cnaID": "CNA-2024-0030",
"organizationName": "N-able",
- "scope": "N-able branded products and technologies only",
+ "scope": "N-able branded products and technologies only.",
"contact": [
{
"email": [
@@ -21634,7 +21634,7 @@
"shortName": "OS-S",
"cnaID": "CNA-2024-0031",
"organizationName": "OpenSource Security GmbH",
- "scope": "Vulnerabilities discovered by or reported to OpenSource Security, unless covered by another CNA’s scope",
+ "scope": "Vulnerabilities discovered by or reported to OpenSource Security, unless covered by another CNA’s scope.",
"contact": [
{
"email": [
@@ -21690,7 +21690,7 @@
"shortName": "TXOne",
"cnaID": "CNA-2024-0032",
"organizationName": "TXOne Networks, Inc.",
- "scope": "Vulnerabilities in TXOne Networks products, including end-of-life products, or third-party operational technology (OT) and industrial control systems (ICS) products, unless covered by the scope of another CNA",
+ "scope": "Vulnerabilities in TXOne Networks products, including end-of-life products, or third-party operational technology (OT) and industrial control systems (ICS) products, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -21747,7 +21747,7 @@
"shortName": "SCIEX",
"cnaID": "CNA-2024-0033",
"organizationName": "SCIEX",
- "scope": "SCIEX branded products only",
+ "scope": "SCIEX branded products only.",
"contact": [
{
"email": [],
@@ -21803,7 +21803,7 @@
"shortName": "LMS",
"cnaID": "CNA-2024-0034",
"organizationName": "Leica Microsystems",
- "scope": "Leica Microsystems products as listed on https://www.leica-microsystems.com/products",
+ "scope": "Leica Microsystems products as listed on https://www.leica-microsystems.com/products.",
"contact": [
{
"email": [
@@ -21859,7 +21859,7 @@
"shortName": "vx",
"cnaID": "CNA-2024-0035",
"organizationName": "VotingWorks",
- "scope": "Vulnerabilities in VotingWorks voting systems, hardware, and software",
+ "scope": "Vulnerabilities in VotingWorks voting systems, hardware, and software.",
"contact": [
{
"email": [
@@ -21916,7 +21916,7 @@
"shortName": "ConnectWise",
"cnaID": "CNA-2024-0036",
"organizationName": "ConnectWise LLC",
- "scope": "All ConnectWise products and services and vulnerabilities discovered by ConnectWise in third party products that are not within another CNA’s scope",
+ "scope": "All ConnectWise products and services and vulnerabilities discovered by ConnectWise in third party products that are not within another CNA’s scope.",
"contact": [
{
"email": [
@@ -21982,7 +21982,7 @@
"shortName": "ClickHouse",
"cnaID": "CNA-2024-0037",
"organizationName": "ClickHouse, Inc.",
- "scope": "ClickHouse-owned products, not including end-of-life components",
+ "scope": "ClickHouse-owned products, not including end-of-life components.",
"contact": [
{
"email": [
@@ -22039,7 +22039,7 @@
"shortName": "sba-research",
"cnaID": "CNA-2024-0038",
"organizationName": "SBA Research gGmbH",
- "scope": "Vulnerabilities discovered by SBA Research or reported to SBA Research by partner organizations that are not in another CNA’s scope",
+ "scope": "Vulnerabilities discovered by SBA Research or reported to SBA Research by partner organizations that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -22095,7 +22095,7 @@
"shortName": "WindRiver",
"cnaID": "CNA-2024-0039",
"organizationName": "Wind River Systems Inc.",
- "scope": "All Wind River branded products as found on windriver.com including vulnerabilities in natively developed or modified product incorporated components, and only product incorporated third-party components not in another CNA’s scope",
+ "scope": "All Wind River branded products as found on windriver.com including vulnerabilities in natively developed or modified product incorporated components, and only product incorporated third-party components not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -22151,7 +22151,7 @@
"shortName": "KoreLogic",
"cnaID": "CNA-2024-0040",
"organizationName": "KoreLogic Security",
- "scope": "Vulnerabilities in the KoreLogic website and other KoreLogic controlled assets, as well as vulnerabilities discovered by or reported to KoreLogic, unless covered by the scope of another CNA",
+ "scope": "Vulnerabilities in the KoreLogic website and other KoreLogic controlled assets, as well as vulnerabilities discovered by or reported to KoreLogic, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -22207,7 +22207,7 @@
"shortName": "HeroDevs",
"cnaID": "CNA-2024-0041",
"organizationName": "HeroDevs",
- "scope": "End of life open source projects supported by HeroDevs if hosted on HeroDevs.com, or issues in open source projects discovered by or reported to HeroDevs, unless covered by the scope of another CNA",
+ "scope": "End of life open source projects supported by HeroDevs if hosted on HeroDevs.com, or issues in open source projects discovered by or reported to HeroDevs, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -22265,7 +22265,7 @@
"shortName": "Kong",
"cnaID": "CNA-2024-0042",
"organizationName": "Kong Inc.",
- "scope": "Kong products; Kong Konnect, Kong Enterprise, Kong Mesh, and Kong Insomnia, including Kong Opensource; Kong Gateway, Kuma, Insomnia",
+ "scope": "Kong products; Kong Konnect, Kong Enterprise, Kong Mesh, and Kong Insomnia, including Kong Opensource; Kong Gateway, Kuma, Insomnia.",
"contact": [
{
"email": [
@@ -22321,7 +22321,7 @@
"shortName": "upKeeper",
"cnaID": "CNA-2024-0043",
"organizationName": "upKeeper Solutions",
- "scope": "All upKeeper Solutions products, excluding end-of-life (EOL) as listed in the upKeeper Solutions End of Life Policy",
+ "scope": "All upKeeper Solutions products, excluding end-of-life (EOL) as listed in the upKeeper Solutions End of Life Policy.",
"contact": [
{
"email": [
@@ -22377,7 +22377,7 @@
"shortName": "Cato",
"cnaID": "CNA-2024-0044",
"organizationName": "Cato Networks",
- "scope": "All Cato Networks products and vulnerabilities in third-party products affecting Cato products unless covered by the scope of another CNA",
+ "scope": "All Cato Networks products and vulnerabilities in third-party products affecting Cato products unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -22434,7 +22434,7 @@
"shortName": "AMZN",
"cnaID": "CNA-2024-0045",
"organizationName": "Amazon",
- "scope": "All Amazon and AWS products (including subsidiaries, supported, and EOL/EOS products), as well as vulnerabilities in third party software discovered by Amazon/AWS that are not in another CNA’s scope",
+ "scope": "All Amazon and AWS products (including subsidiaries, supported, and EOL/EOS products), as well as vulnerabilities in third party software discovered by Amazon/AWS that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -22492,7 +22492,7 @@
"shortName": "RealPage",
"cnaID": "CNA-2024-0046",
"organizationName": "RealPage",
- "scope": "Vulnerabilities in RealPage products and services including but not limited to: Keyready, Knock CRM, HomeWiseDocs, REDS (Real Estate Data Solutions), G5, WhiteSky Communications, Chirp Systems, STRATIS IoT, Modern Message (Community Rewards), Hipercept, Investor Management Services, AIM, FUEL, Buildium, All Property Management, SimpleBills, DepositIQ, Rentlytics, ClickPay, LeaseLabs, PEX, On-Site, American Utility Management (AUM), Axiometrics, Lease Rent Optimization (LRO), AssetEye, NWP Services Corporation, Indatus, ActiveBuilding, RentMineOnline (RMO), MyNewPlace, Compliance Depot, SeniorLiving.net, eREI, Domin-8, Level One, Propertyware, Opstechnology, LeasingDesk, and YieldStar",
+ "scope": "Vulnerabilities in RealPage products and services including but not limited to: Keyready, Knock CRM, HomeWiseDocs, REDS (Real Estate Data Solutions), G5, WhiteSky Communications, Chirp Systems, STRATIS IoT, Modern Message (Community Rewards), Hipercept, Investor Management Services, AIM, FUEL, Buildium, All Property Management, SimpleBills, DepositIQ, Rentlytics, ClickPay, LeaseLabs, PEX, On-Site, American Utility Management (AUM), Axiometrics, Lease Rent Optimization (LRO), AssetEye, NWP Services Corporation, Indatus, ActiveBuilding, RentMineOnline (RMO), MyNewPlace, Compliance Depot, SeniorLiving.net, eREI, Domin-8, Level One, Propertyware, Opstechnology, LeasingDesk, and YieldStar.",
"contact": [
{
"email": [
@@ -22548,7 +22548,7 @@
"shortName": "Huntress",
"cnaID": "CNA-2024-0047",
"organizationName": "Huntress Labs Inc.",
- "scope": "All Huntress products, as well as vulnerabilities in third-party software discovered by Huntress that are not in another CNA’s scope",
+ "scope": "All Huntress products, as well as vulnerabilities in third-party software discovered by Huntress that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -22605,7 +22605,7 @@
"shortName": "Forescout",
"cnaID": "CNA-2024-0048",
"organizationName": "Forescout Technologies",
- "scope": "Forescout issues only",
+ "scope": "Forescout issues only.",
"contact": [
{
"email": [
@@ -22661,7 +22661,7 @@
"shortName": "9front",
"cnaID": "CNA-2024-0049",
"organizationName": "9front Systems",
- "scope": "All software produced as part of the Plan9front open source operating system, as well as its applications and cyberinfrastructure. Vulnerabilities discovered by or reported to 9front Systems for all Plan 9 software not covered by the scope of another CNA",
+ "scope": "All software produced as part of the Plan9front open source operating system, as well as its applications and cyberinfrastructure. Vulnerabilities discovered by or reported to 9front Systems for all Plan 9 software not covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -22717,7 +22717,7 @@
"shortName": "ivanti",
"cnaID": "CNA-2024-0050",
"organizationName": "Ivanti",
- "scope": "Vulnerabilities in supported Ivanti products and infrastructure, excluding third-party components, and meeting severity thresholds defined in Ivanti’s Disclosure Policy found here",
+ "scope": "Vulnerabilities in supported Ivanti products and infrastructure, excluding third-party components, and meeting severity thresholds defined in Ivanti’s Disclosure Policy found here.",
"contact": [
{
"email": [
@@ -22773,7 +22773,7 @@
"shortName": "imaginationtech",
"cnaID": "CNA-2024-0051",
"organizationName": "Imagination Technologies",
- "scope": "Imagination Technologies branded products and technologies and Imagination Technologies (IMG) managed open source projects",
+ "scope": "Imagination Technologies branded products and technologies and Imagination Technologies (IMG) managed open source projects.",
"contact": [
{
"email": [
@@ -22830,7 +22830,7 @@
"shortName": "Intigriti",
"cnaID": "CNA-2024-0052",
"organizationName": "Intigriti",
- "scope": "Vulnerabilities in Intigriti products and vulnerabilities discovered by, or reported to, Intigriti that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in Intigriti products and vulnerabilities discovered by, or reported to, Intigriti that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -22888,7 +22888,7 @@
"shortName": "Stryker",
"cnaID": "CNA-2024-0053",
"organizationName": "Stryker Corporation",
- "scope": "All products of Stryker or a Stryker company including end-of-life/end-of-service products, and vulnerabilities in third-party software used in Stryker products that are not in another CNA’s scope",
+ "scope": "All products of Stryker or a Stryker company including end-of-life/end-of-service products, and vulnerabilities in third-party software used in Stryker products that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -22945,7 +22945,7 @@
"shortName": "watchdog",
"cnaID": "CNA-2024-0054",
"organizationName": "WatchDogDevelopment.com, LLC",
- "scope": "All WatchDog products",
+ "scope": "All WatchDog products.",
"contact": [
{
"email": [
@@ -23001,7 +23001,7 @@
"shortName": "Proton",
"cnaID": "CNA-2024-0056",
"organizationName": "Proton AG",
- "scope": "Proton AG issues only",
+ "scope": "Proton AG issues only.",
"contact": [
{
"email": [
@@ -23057,7 +23057,7 @@
"shortName": "Wiz",
"cnaID": "CNA-2024-0057",
"organizationName": "Wiz, Inc.",
- "scope": "Vulnerabilities identified in Wiz products, and vulnerabilities discovered by, or reported to, Wiz that are not in another CNA’s scope",
+ "scope": "Vulnerabilities identified in Wiz products, and vulnerabilities discovered by, or reported to, Wiz that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -23114,7 +23114,7 @@
"shortName": "Supermicro",
"cnaID": "CNA-2024-0058",
"organizationName": "Super Micro Computer, Inc.",
- "scope": "Supermicro branded products, managed system, or software projects",
+ "scope": "Supermicro branded products, managed system, or software projects.",
"contact": [
{
"email": [
@@ -23170,7 +23170,7 @@
"shortName": "MON-CSIRT",
"cnaID": "CNA-2024-0059",
"organizationName": "Monash University - Cyber Security Incident Response Team",
- "scope": "Vulnerabilities in any Monash University developed products, or vulnerabilities identified in third-party vendor products used by Monash University, unless covered by the scope of another CNA",
+ "scope": "Vulnerabilities in any Monash University developed products, or vulnerabilities identified in third-party vendor products used by Monash University, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -23228,7 +23228,7 @@
"shortName": "seal",
"cnaID": "CNA-2024-0060",
"organizationName": "Seal Security",
- "scope": "Vulnerabilities in Seal products or services and vulnerabilities discovered in open source libraries unless covered by the scope of another CNA",
+ "scope": "Vulnerabilities in Seal products or services and vulnerabilities discovered in open source libraries unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -23285,7 +23285,7 @@
"shortName": "Cytiva",
"cnaID": "CNA-2024-0061",
"organizationName": "Cytiva",
- "scope": "Cytiva branded products only",
+ "scope": "Cytiva branded products only.",
"contact": [
{
"email": [
@@ -23341,7 +23341,7 @@
"shortName": "Arxscan",
"cnaID": "CNA-2024-0062",
"organizationName": "Arxscan, Inc.",
- "scope": "Arxscan issues only",
+ "scope": "Arxscan issues only.",
"contact": [
{
"email": [],
@@ -23397,7 +23397,7 @@
"shortName": "PlexTrac",
"cnaID": "CNA-2024-0063",
"organizationName": "PlexTrac, Inc.",
- "scope": "Vulnerabilities within PlexTrac’s products",
+ "scope": "Vulnerabilities within PlexTrac’s products.",
"contact": [
{
"email": [
@@ -23453,7 +23453,7 @@
"shortName": "ASUS",
"cnaID": "CNA-2024-0064",
"organizationName": "ASUSTeK Computer Incorporation",
- "scope": "ASUS issues only",
+ "scope": "ASUS issues only.",
"contact": [
{
"email": [
@@ -23509,7 +23509,7 @@
"shortName": "Pall",
"cnaID": "CNA-2024-0065",
"organizationName": "Pall Corporation",
- "scope": "Pall branded products only",
+ "scope": "Pall branded products only.",
"contact": [
{
"email": [
@@ -23565,7 +23565,7 @@
"shortName": "MyMMT",
"cnaID": "CNA-2024-0066",
"organizationName": "Mammotome",
- "scope": "All Mammotome products",
+ "scope": "All Mammotome products.",
"contact": [
{
"email": [],
@@ -23621,7 +23621,7 @@
"shortName": "wikimedia-foundation",
"cnaID": "CNA-2024-0067",
"organizationName": "The Wikimedia Foundation",
- "scope": "Any code repository hosted under gerrit.wikimedia.org, gitlab.wikimedia.org, or github.com/wikimedia that is not labeled as archived or marked as a fork of an upstream project. Please see our disclosure policy for additional exclusions to scope",
+ "scope": "Any code repository hosted under gerrit.wikimedia.org, gitlab.wikimedia.org, or github.com/wikimedia that is not labeled as archived or marked as a fork of an upstream project. Please see our disclosure policy for additional exclusions to scope.",
"contact": [
{
"email": [
@@ -23677,7 +23677,7 @@
"shortName": "RTI",
"cnaID": "CNA-2024-0068",
"organizationName": "Real-Time Innovations, Inc.",
- "scope": "All RTI Connext products, including EOL products. See https://www.rti.com/products for more information",
+ "scope": "All RTI Connext products, including EOL products. See https://www.rti.com/products for more information.",
"contact": [
{
"email": [
@@ -23733,7 +23733,7 @@
"shortName": "PingCAP",
"cnaID": "CNA-2024-0069",
"organizationName": "PingCAP (US), Inc.",
- "scope": "Vulnerabilities in the following PingCAP maintained products and components: TiDB (code available at https://github.com/pingcap/tidb); TiKV (code available at https://github.com/tikv/tikv); PD (Placement Driver, code available at https://github.com/tikv/pd); TiFlash (code available at https://github.com/pingcap/tiflash); and tidbcloud (PingCAP’s cloud database service). This scope includes vulnerabilities in all supported versions of these products. CVE IDs will not be assigned for vulnerabilities found in unsupported versions or for third-party dependencies not maintained by PingCAP",
+ "scope": "Vulnerabilities in the following PingCAP maintained products and components: TiDB (code available at https://github.com/pingcap/tidb); TiKV (code available at https://github.com/tikv/tikv); PD (Placement Driver, code available at https://github.com/tikv/pd); TiFlash (code available at https://github.com/pingcap/tiflash); and tidbcloud (PingCAP’s cloud database service). This scope includes vulnerabilities in all supported versions of these products. CVE IDs will not be assigned for vulnerabilities found in unsupported versions or for third-party dependencies not maintained by PingCAP.",
"contact": [
{
"email": [
@@ -23791,7 +23791,7 @@
"shortName": "OMRON",
"cnaID": "CNA-2024-0070",
"organizationName": "OMRON Corporation",
- "scope": "Omron Group companies’ Industrial Automation, Healthcare, Social Systems, Device & Module Solutions issues only",
+ "scope": "Omron Group companies’ Industrial Automation, Healthcare, Social Systems, Device & Module Solutions issues only.",
"contact": [
{
"email": [],
@@ -23847,7 +23847,7 @@
"shortName": "CSA",
"cnaID": "CNA-2024-0071",
"organizationName": "Cyber Security Agency of Singapore",
- "scope": "Vulnerabilities reported to CSA unless covered by the scope of another CNA",
+ "scope": "Vulnerabilities reported to CSA unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -23903,7 +23903,7 @@
"shortName": "LeicaBiosystems",
"cnaID": "CNA-2024-0072",
"organizationName": "Leica Biosystems",
- "scope": "All Leica Biosystems products",
+ "scope": "All Leica Biosystems products.",
"contact": [
{
"email": [
@@ -23959,7 +23959,7 @@
"shortName": "Neo4j",
"cnaID": "CNA-2024-0073",
"organizationName": "Neo4j",
- "scope": "Neo4j products and Neo4j-maintained projects only, not including end-of-life components or products",
+ "scope": "Neo4j products and Neo4j-maintained projects only, not including end-of-life components or products.",
"contact": [
{
"email": [
@@ -24016,7 +24016,7 @@
"shortName": "OnLogic",
"cnaID": "CNA-2024-0074",
"organizationName": "OnLogic",
- "scope": "OnLogic issues only",
+ "scope": "OnLogic issues only.",
"contact": [
{
"email": [
@@ -24072,7 +24072,7 @@
"shortName": "OB",
"cnaID": "CNA-2024-0075",
"organizationName": "OceanBase",
- "scope": "OceanBase products only, not including end-of-life components or products",
+ "scope": "OceanBase products only, not including end-of-life components or products.",
"contact": [
{
"email": [
@@ -24128,7 +24128,7 @@
"shortName": "Gridware",
"cnaID": "CNA-2024-0076",
"organizationName": "Gridware Cybersecurity",
- "scope": "Gridware software, services, and infrastructure issues, as well as vulnerabilities discovered by or reported to Gridware researchers that are not in another CNA’s scope",
+ "scope": "Gridware software, services, and infrastructure issues, as well as vulnerabilities discovered by or reported to Gridware researchers that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -24184,7 +24184,7 @@
"shortName": "BECDX",
"cnaID": "CNA-2024-0077",
"organizationName": "Beckman Coulter Diagnostics",
- "scope": "Beckman Coulter Diagnostics manufactured products and technologies only",
+ "scope": "Beckman Coulter Diagnostics manufactured products and technologies only.",
"contact": [
{
"email": [
@@ -24240,7 +24240,7 @@
"shortName": "Omnissa",
"cnaID": "CNA-2024-0078",
"organizationName": "Omnissa, LLC",
- "scope": "All Omnissa products and services, including Workspace ONE and Horizon",
+ "scope": "All Omnissa products and services, including Workspace ONE and Horizon.",
"contact": [
{
"email": [
@@ -24296,7 +24296,7 @@
"shortName": "graphql-java",
"cnaID": "CNA-2024-0079",
"organizationName": "GraphQL Java",
- "scope": "GraphQL Java, Java DataLoader, GraphQL Java Extended Scalars, and GraphQL Java Extended Validation",
+ "scope": "GraphQL Java, Java DataLoader, GraphQL Java Extended Scalars, and GraphQL Java Extended Validation.",
"contact": [
{
"email": [
@@ -24358,7 +24358,7 @@
"shortName": "BECLS",
"cnaID": "CNA-2024-0080",
"organizationName": "Beckman Coulter Life Sciences",
- "scope": "Beckman Coulter Life Sciences manufactured products and technologies only",
+ "scope": "Beckman Coulter Life Sciences manufactured products and technologies only.",
"contact": [
{
"email": [
@@ -24414,7 +24414,7 @@
"shortName": "Radiometer",
"cnaID": "CNA-2024-0081",
"organizationName": "Radiometer Medical ApS",
- "scope": "Radiometer products only",
+ "scope": "Radiometer products only.",
"contact": [
{
"email": [
@@ -24470,7 +24470,7 @@
"shortName": "Deltaww",
"cnaID": "CNA-2024-0082",
"organizationName": "Delta Electronics, Inc.",
- "scope": "Delta Electronics products as listed on www.deltaww.com",
+ "scope": "Delta Electronics products as listed on www.deltaww.com.",
"contact": [
{
"email": [
@@ -24526,7 +24526,7 @@
"shortName": "bizerba",
"cnaID": "CNA-2024-0083",
"organizationName": "Bizerba SE & Co. KG",
- "scope": "Bizerba products only",
+ "scope": "Bizerba products only.",
"contact": [
{
"email": [
@@ -24582,7 +24582,7 @@
"shortName": "iManage",
"cnaID": "CNA-2024-0084",
"organizationName": "iManage LLC",
- "scope": "iManage issues only",
+ "scope": "iManage issues only.",
"contact": [
{
"email": [
@@ -24638,7 +24638,7 @@
"shortName": "Automox",
"cnaID": "CNA-2024-0085",
"organizationName": "Automox Inc.",
- "scope": "All products created by Automox",
+ "scope": "All products created by Automox.",
"contact": [
{
"email": [
@@ -24695,7 +24695,7 @@
"shortName": "Delinea",
"cnaID": "CNA-2024-0086",
"organizationName": "Delinea, Inc.",
- "scope": "Vulnerabilities in Delinea products or services listed on delinea.com, or vulnerabilities in third-party products or services discovered by or reported to Delinea, unless covered by the scope of another CNA",
+ "scope": "Vulnerabilities in Delinea products or services listed on delinea.com, or vulnerabilities in third-party products or services discovered by or reported to Delinea, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
@@ -24753,7 +24753,7 @@
"shortName": "CEP",
"cnaID": "CNA-2024-0087",
"organizationName": "Cepheid",
- "scope": "Cepheid products",
+ "scope": "Cepheid products.",
"contact": [
{
"email": [
@@ -24809,7 +24809,7 @@
"shortName": "S21sec",
"cnaID": "CNA-2024-0088",
"organizationName": "S21sec Cyber Solutions by Thales",
- "scope": "Vulnerabilities discovered by S21sec that are not within another CNA’s scope",
+ "scope": "Vulnerabilities discovered by S21sec that are not within another CNA’s scope.",
"contact": [
{
"email": [
@@ -24865,7 +24865,7 @@
"shortName": "Roche",
"cnaID": "CNA-2024-0089",
"organizationName": "Roche Diagnostics",
- "scope": "Roche’s medical technology products",
+ "scope": "Roche’s medical technology products.",
"contact": [
{
"email": [
@@ -24921,7 +24921,7 @@
"shortName": "MolDev",
"cnaID": "CNA-2025-0001",
"organizationName": "Molecular Devices",
- "scope": "Molecular Devices products only as listed on moleculardevices.com/products",
+ "scope": "Molecular Devices products only as listed on moleculardevices.com/products.",
"contact": [
{
"email": [],
@@ -24977,7 +24977,7 @@
"shortName": "SOCRadar",
"cnaID": "CNA-2025-0002",
"organizationName": "SOCRadar Cyber Intelligence Inc.",
- "scope": "Vulnerabilities in SOCRadar products and services and vulnerabilities discovered by or reported to SOCRadar that are not in another CNA’s scope",
+ "scope": "Vulnerabilities in SOCRadar products and services and vulnerabilities discovered by or reported to SOCRadar that are not in another CNA’s scope.",
"contact": [
{
"email": [
@@ -25034,7 +25034,7 @@
"shortName": "PTC",
"cnaID": "CNA-2025-0003",
"organizationName": "PTC Inc.",
- "scope": "All currently supported PTC software products and cloud/SaaS services",
+ "scope": "All currently supported PTC software products and cloud/SaaS services.",
"contact": [
{
"email": [],
@@ -25090,7 +25090,7 @@
"shortName": "HemoCue",
"cnaID": "CNA-2025-0004",
"organizationName": "HemoCue AB",
- "scope": "HemoCue branded products and technologies only",
+ "scope": "HemoCue branded products and technologies only.",
"contact": [
{
"email": [
@@ -25141,5 +25141,174 @@
]
},
"country": "Sweden"
+ },
+ {
+ "shortName": "securepoint",
+ "cnaID": "CNA-2025-0005",
+ "organizationName": "Securepoint GmbH",
+ "scope": "Securepoint GmbH issues only.",
+ "contact": [
+ {
+ "email": [
+ {
+ "label": "Email",
+ "emailAddr": "security@securepoint.de"
+ }
+ ],
+ "contact": [],
+ "form": []
+ }
+ ],
+ "disclosurePolicy": [
+ {
+ "label": "Policy",
+ "language": "",
+ "url": "https://www.securepoint.de/disclosure-policy"
+ }
+ ],
+ "securityAdvisories": {
+ "alerts": [],
+ "advisories": [
+ {
+ "label": "Advisories",
+ "url": "https://wiki.securepoint.de/Advisory"
+ }
+ ]
+ },
+ "resources": [],
+ "CNA": {
+ "isRoot": false,
+ "root": {
+ "shortName": "n/a",
+ "organizationName": "n/a"
+ },
+ "roles": [
+ {
+ "helpText": "",
+ "role": "CNA"
+ }
+ ],
+ "TLR": {
+ "shortName": "mitre",
+ "organizationName": "MITRE Corporation"
+ },
+ "type": [
+ "Vendor"
+ ]
+ },
+ "country": "Germany"
+ },
+ {
+ "shortName": "Centreon",
+ "cnaID": "CNA-2025-0006",
+ "organizationName": "Centreon",
+ "scope": "All Centreon product issues only.",
+ "contact": [
+ {
+ "email": [
+ {
+ "label": "Email",
+ "emailAddr": "security@centreon.com"
+ }
+ ],
+ "contact": [],
+ "form": []
+ }
+ ],
+ "disclosurePolicy": [
+ {
+ "label": "Policy",
+ "language": "",
+ "url": "https://vdp.centreon.com/p/centreon-VDP"
+ }
+ ],
+ "securityAdvisories": {
+ "alerts": [],
+ "advisories": [
+ {
+ "label": "Advisories",
+ "url": "https://thewatch.centreon.com/latest-security-bulletins-64"
+ }
+ ]
+ },
+ "resources": [],
+ "CNA": {
+ "isRoot": false,
+ "root": {
+ "shortName": "n/a",
+ "organizationName": "n/a"
+ },
+ "roles": [
+ {
+ "helpText": "",
+ "role": "CNA"
+ }
+ ],
+ "TLR": {
+ "shortName": "mitre",
+ "organizationName": "MITRE Corporation"
+ },
+ "type": [
+ "Vendor",
+ "Open Source"
+ ]
+ },
+ "country": "France"
+ },
+ {
+ "shortName": "ATIS",
+ "cnaID": "CNA-2025-0007",
+ "organizationName": "ATISoluciones Diseño de Sistemas Electrónicos, S.L.",
+ "scope": "AtiSoluciones products only.",
+ "contact": [
+ {
+ "email": [
+ {
+ "label": "Email",
+ "emailAddr": "cve@atisoluciones.com"
+ }
+ ],
+ "contact": [],
+ "form": []
+ }
+ ],
+ "disclosurePolicy": [
+ {
+ "label": "Policy",
+ "language": "",
+ "url": "https://www.atisoluciones.com/politica-cve"
+ }
+ ],
+ "securityAdvisories": {
+ "alerts": [],
+ "advisories": [
+ {
+ "label": "Advisories",
+ "url": "https://www.atisoluciones.com/incidentes-cve"
+ }
+ ]
+ },
+ "resources": [],
+ "CNA": {
+ "isRoot": false,
+ "root": {
+ "shortName": "INCIBE",
+ "organizationName": "Spanish National Cybersecurity Institute, S.A. (INCIBE)"
+ },
+ "type": [
+ "Vendor"
+ ],
+ "TLR": {
+ "shortName": "mitre",
+ "organizationName": "MITRE Corporation"
+ },
+ "roles": [
+ {
+ "helpText": "",
+ "role": "CNA"
+ }
+ ]
+ },
+ "country": "Spain"
}
]
\ No newline at end of file
diff --git a/src/assets/data/NotificationBanner.json b/src/assets/data/NotificationBanner.json
index 5740c5655..dfc73f410 100644
--- a/src/assets/data/NotificationBanner.json
+++ b/src/assets/data/NotificationBanner.json
@@ -19,6 +19,18 @@
{
"contentType": "paragraph",
"content": "."
+ },
+ {
+ "contentType": "paragraph",
+ "content": "
"
+ },
+ {
+ "contentType": "paragraph",
+ "content": "Notice: "
+ },
+ {
+ "contentType": "paragraph",
+ "content": "On Thursday, February 13, 2025, the CVE Program will be performing maintenance on the CVE List repository to correct inaccuracies in the DATE fields of approximately 3,500 CVE Records (i.e., in the date published, date reserved, date updated, and date modified fields). Only DATE fields will be updated during this maintenance. The repository will remain operational during this time."
}
]
}
\ No newline at end of file
diff --git a/src/assets/data/metrics.json b/src/assets/data/metrics.json
index 2a95ca6eb..10c6a25c9 100644
--- a/src/assets/data/metrics.json
+++ b/src/assets/data/metrics.json
@@ -1133,7 +1133,7 @@
},
{
"month": "February",
- "value": "1"
+ "value": "4"
},
{
"month": "March",
diff --git a/src/assets/data/news.json b/src/assets/data/news.json
index 8a42fd3c1..43353ade2 100644
--- a/src/assets/data/news.json
+++ b/src/assets/data/news.json
@@ -1,5 +1,126 @@
{
"currentNews": [
+ {
+ "id": 479,
+ "newsType": "news",
+ "title": "ATISoluciones Added as CVE Numbering Authority (CNA)",
+ "urlKeywords": "ATISoluciones Added as CNA",
+ "date": "2025-02-11",
+ "description": [
+ {
+ "contentnewsType": "paragraph",
+ "content": "ATISoluciones Diseño de Sistemas Electrónicos, S.L. is now a CVE Numbering Authority (CNA) for AtiSoluciones products only."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "To date, 439 CNAs (437 CNAs and 2 CNA-LRs) from 40 countries and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign CVE Identifiers (CVE IDs) and publish CVE Records for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. ATISoluciones is the 8th CNA from Spain."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "ATISoluciones’ Root is the INCIBE Root."
+ }
+ ]
+ },
+ {
+ "id": 478,
+ "newsType": "news",
+ "title": "Centreon Added as CVE Numbering Authority (CNA)",
+ "urlKeywords": "Centreon Added as CNA",
+ "date": "2025-02-11",
+ "description": [
+ {
+ "contentnewsType": "paragraph",
+ "content": "Centreon is now a CVE Numbering Authority (CNA) for all Centreon product issues only."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "To date, 438 CNAs (436 CNAs and 2 CNA-LRs) from 40 countries and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign CVE Identifiers (CVE IDs) and publish CVE Records for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Centreon is the 7th CNA from France."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "Centreon’s Root is the MITRE Top-Level Root."
+ }
+ ]
+ },
+ {
+ "id": 477,
+ "newsType": "news",
+ "title": "Securepoint Added as CVE Numbering Authority (CNA)",
+ "urlKeywords": "Securepoint Added as CNA",
+ "date": "2025-02-11",
+ "description": [
+ {
+ "contentnewsType": "paragraph",
+ "content": "Securepoint GmbH is now a CVE Numbering Authority (CNA) for Securepoint GmbH issues only."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "To date, 437 CNAs (435 CNAs and 2 CNA-LRs) from 40 countries and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign CVE Identifiers (CVE IDs) and publish CVE Records for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Securepoint is the 20th CNA from Germany."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "Securepoint’s Root is the MITRE Top-Level Root."
+ }
+ ]
+ },
+ {
+ "id": 476,
+ "newsType": "blog",
+ "title": "Vulnerability Data Enrichment for CVE Records: 241 CNAs on the Enrichment Recognition List for February 10, 2025",
+ "urlKeywords": "CNA Enrichment Recognition List Update",
+ "date": "2025-02-11",
+ "author": {
+ "name": "CVE Program",
+ "organization": {
+ "name": "CVE Program",
+ "url": ""
+ },
+ "title": "",
+ "bio": ""
+ },
+ "description": [
+ {
+ "contentnewsType": "paragraph",
+ "content": "The “CNA Enrichment Recognition List” for February 10, 2025, is now available with 241 CNAs listed. Published every two weeks on the CVE website, the list recognizes those CVE Numbering Authorities (CNAs) that are actively providing enhanced vulnerability data in their CVE Records. CNAs are added to the list if they provide Common Vulnerability Scoring System (CVSS) and Common Weakness Enumeration (CWE™) information 98% of the time or more within the two-week period of their last published CVE Record."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "For more about the recognition list, see “Recognition for CNAs Actively Providing Vulnerability Data Enrichment for CVE Records.” To learn more about vulnerability information types like CVSS and CWE, see the CVE Record User Guide. View the most current CNA Enrichment Recognition List on the CVE website Metrics page here."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "CNA Enrichment Recognition List for February 10, 2025, with 241 CNAs listed:
9front Systems
Absolute Software
Acronis International GmbH
Adobe Systems Incorporated
Advanced Micro Devices Inc.
AlgoSec
Alias Robotics S.L.
Amazon
AMI
AppCheck Ltd.
ARC Informatique
Asea Brown Boveri Ltd.
ASR Microelectronics Co., Ltd.
ASUSTeK Computer Incorporation
Autodesk
Automotive Security Research Group (ASRG)
Avaya Inc.
Axis Communications AB
Baicells Technologies Co., Ltd.
Baidu, Inc.
Baxter Healthcare
Becton, Dickinson and Company (BD)
BeyondTrust Inc.
Bitdefender
Black Duck Software, Inc.
BlackBerry
Brocade Communications Systems, Inc.
Canon EMEA
Canon Inc.
Carrier Global Corporation
Cato Networks
CERT.PL
CERT@VDE
Check Point Software Technologies Ltd.
Checkmarx
Checkmk GmbH
Ciena Corporation
cirosec GmbH
ClickHouse, Inc.
Cloudflare, Inc.
Concrete CMS
Crafter CMS
CyberArk Labs
CyberDanube
Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
Dassault Systèmes
Delinea, Inc.
Dell EMC
Delta Electronics, Inc.
Dfinity Foundation
DirectCyber
Docker Inc.
dotCMS LLC
Dragos, Inc.
Dutch Institute for Vulnerability Disclosure (DIVD)
Eaton
Eclipse Foundation
Elastic
EnterpriseDB Corporation
Environmental Systems Research Institute, Inc. (Esri)
Ericsson
ESET, spol. s r.o.
EU Agency for Cybersecurity (ENISA)
Exodus Intelligence
F5 Networks
Fedora Project (Infrastructure Software)
Fluid Attacks
Forcepoint
Forescout Technologies
ForgeRock, Inc.
Fortinet, Inc.
Fortra, LLC
Gallagher Group Ltd
GE Healthcare
Genetec Inc.
Gitea Limited
GitHub (maintainer security advisories)
GitHub Inc, (Products Only)
GitLab Inc.
Glyph & Cog, LLC
Google LLC
Grafana Labs
Gridware Cybersecurity
Hanwha Vision Co., Ltd.
HashiCorp Inc.
HCL Software
HeroDevs
HiddenLayer, Inc.
Hillstone Networks Inc.
Hitachi Energy
Hitachi Vantara
Hitachi, Ltd.
Honeywell International Inc.
HP Inc.
Huawei Technologies
HYPR Corp
IBM Corporation
Indian Computer Emergency Response Team (CERT-In)
Intel Corporation
Internet Systems Consortium (ISC)
Israel National Cyber Directorate
Ivanti
Jamf
JetBrains s.r.o.
JFROG
Johnson Controls
JPCERT/CC
Juniper Networks, Inc.
Kaspersky
KNIME AG
KrCERT/CC
Kubernetes
Lenovo Group Ltd.
Lexmark International Inc.
LG Electronics
Liferay, Inc.
Logitech
M-Files Corporation
ManageEngine
Mattermost, Inc
Mautic
Microchip Technology
Milestone Systems A/S
Mitsubishi Electric Corporation
MongoDB
Moxa Inc.
N-able
National Cyber Security Centre - Netherlands (NCSC-NL)
National Cyber Security Centre Finland
National Cyber Security Centre SK-CERT
National Instruments
Netflix, Inc.
Netskope
NLnet Labs
NortonLifeLock Inc
Nozomi Networks Inc.
Nvidia Corporation
Octopus Deploy
Okta
OMRON Corporation
ONEKEY GmbH
Open Design Alliance
Open-Xchange
OpenAnolis
openEuler
OpenHarmony
OpenText (formerly Micro Focus)
OPPO
OTRS AG
Palantir Technologies
Palo Alto Networks
Panasonic Holdings Corporation
Pandora FMS
PaperCut Software Pty Ltd
Patchstack OÜ
Payara
Pegasystems
Pentraze Cybersecurity
Phoenix Technologies, Inc.
PHP Group
Ping Identity Corporation
PlexTrac, Inc.
PostgreSQL
Progress Software Corporation
Proofpoint Inc.
Protect AI
Pure Storage, Inc.
Python Software Foundation
QNAP Systems, Inc.
Qualcomm, Inc.
rami.io GmbH
Real-Time Innovations, Inc.
Red Hat, Inc.
Robert Bosch GmbH
Roche Diagnostics
Rockwell Automation
SailPoint Technologies
Samsung TV & Appliance
SAP SE
SBA Research gGmbH
Schneider Electric SE
Schweitzer Engineering Laboratories, Inc.
Secomea
Securin
Security Risk Advisors
ServiceNow
SHENZHEN CoolKit Technology CO., LTD.
SICK AG
Siemens
Silicon Labs
Snow Software
Snyk
SoftIron
SolarWinds
Sonatype Inc.
Sophos
Spanish National Cybersecurity Institute, S.A.
Splunk
STAR Labs SG Pte. Ltd.
Super Micro Computer, Inc.
Suse
Switzerland National Cyber Security Centre (NCSC)
Synaptics
Synology Inc.
Talos
TeamViewer Germany GmbH
Teltonika Networks
Temporal Technologies Inc.
Tenable Network Security, Inc.
Thales Group
The Document Foundation
The Missing Link Australia (TML)
The Tcpdump Group
TianoCore.org
Tigera
Toshiba Corporation
TR-CERT (Computer Emergency Response Team of the Republic of Turkey)
Trellix
TWCERT/CC
TXOne Networks, Inc.
upKeeper Solutions
Vivo Mobile Communication Technology Co.,LTD.
VulDB
VulnCheck
VULSec Labs
WatchGuard Technologies, Inc.
Western Digital
Wiz, Inc.
Wordfence
Xerox Corporation
Xiaomi Technology Co Ltd
Yandex N.V.
Yokogawa Group
Yugabyte, Inc.
Zephyr Project
Zero Day Initiative
Zoom Video Communications, Inc.
Zscaler, Inc.
ZTE Corporation
ZUSO Advanced Research Team (ZUSO ART)
Zyxel Corporation
"
+ },
+ {
+ "contentnewsType": "image",
+ "imageWidth": "",
+ "href": "/news/CnaEnrichmentRecognitionList.png",
+ "altText": "Increasing the Value of the CVE Record - CNA Enrichment Recognition List",
+ "captionText": "View the CNA Enrichment Recognition List on the Metrics page."
+ }
+ ]
+ },
+ {
+ "id": 475,
+ "newsType": "news",
+ "title": "MegaZone Reelected as CNA Liaison Board Member",
+ "urlKeywords": "MegaZone Reelected CNA Liaison Board Member",
+ "date": "2025-02-11",
+ "description": [
+ {
+ "contentnewsType": "paragraph",
+ "content": "The CVE Program is pleased to announce that MegaZone of F5, Inc. received the majority of votes from CNAs and was reelected as the CVE Numbering Authority (CNA) Liaison to the CVE Board for another one-year term."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "Per the CVE Board Charter, “Section 1.3.3 CNA Liaison – A single seat on the Board is reserved for a CNA Liaison who represents the CNA community, and ensures CNAs are updated with various status and activity-related information. This is an elected position which CVE Numbering Authorities (CNAs) vote on annually. The liaison is a voting member of the Board, with a one-year term, and can serve more than one consecutive term if the CNA community desires as indicated by the results of the voting. This position is a two-way conduit for CNAs to bring things to and from the Board in a more official and structured way.”"
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "The CVE Board is the organization responsible for the strategic direction, governance, operational structure, policies, and rules of the CVE Program. The Board includes members from numerous cybersecurity-related organizations including commercial security tool vendors, academia, research institutions, government departments and agencies, and other prominent security experts, as well as end-users of vulnerability information."
+ }
+ ]
+ },
{
"id": 474,
"newsType": "news",
@@ -139,7 +260,6 @@
},
{
"id": 470,
- "displayOnHomepageOrder": 1,
"newsType": "blog",
"title": "Guide for Including CPE Applicability Statements in CVE Records Now Available for CNAs",
"urlKeywords": "Guide for Including CPE in CVE Records",
@@ -1534,9 +1654,17 @@
"contentnewsType": "table",
"title": "",
"year": "2024",
- "quarter": ["Q1","Q2","Q3"],
+ "quarter": [
+ "Q1",
+ "Q2",
+ "Q3"
+ ],
"dataRowTitle": "CVE Records Published by All CNAs",
- "dataRowCounts": ["8,697","11,716","8,591"]
+ "dataRowCounts": [
+ "8,697",
+ "11,716",
+ "8,591"
+ ]
},
{
"contentnewsType": "paragraph",
@@ -1550,9 +1678,17 @@
"contentnewsType": "table",
"title": "",
"year": "2024",
- "quarter": ["Q1","Q2","Q3"],
+ "quarter": [
+ "Q1",
+ "Q2",
+ "Q3"
+ ],
"dataRowTitle": "CVE IDs Reserved by All CNAs",
- "dataRowCounts": ["13,499","12,529","11,250"]
+ "dataRowCounts": [
+ "13,499",
+ "12,529",
+ "11,250"
+ ]
},
{
"contentnewsType": "paragraph",
diff --git a/src/router/index.js b/src/router/index.js
index 3252b046d..2e69abc0a 100644
--- a/src/router/index.js
+++ b/src/router/index.js
@@ -440,6 +440,11 @@ router.beforeEach((to, from, next) => {
// Remove any stale meta tags from the document using the key attribute we set below.
Array.from(document.querySelectorAll('[data-vue-router-controlled]'), (el) => el.parentNode.removeChild(el));
+ //Changes title to reflect CVE-ID
+ if (to.name === "CVERecord") {
+ document.title = to.query.id + " | CVE"
+}
+
// Skip rendering meta tags if there are none.
if (!nearestWithMeta) return next();
diff --git a/src/views/About/Metrics.vue b/src/views/About/Metrics.vue
index 146c9b9b5..0425f86cd 100644
--- a/src/views/About/Metrics.vue
+++ b/src/views/About/Metrics.vue
@@ -295,8 +295,8 @@
CNA Enrichment Recognition List
-
Last Updated:
- Total CNAs: 242
+
Last Updated:
+ Total CNAs: 241
9front Systems
@@ -337,7 +337,6 @@
Checkmk GmbH
Ciena Corporation
cirosec GmbH
-
Cisco Systems, Inc.
ClickHouse, Inc.
Cloudflare, Inc.
Concrete CMS
@@ -348,6 +347,7 @@
Dassault Systèmes
Delinea, Inc.
Dell EMC
+
Delta Electronics, Inc.
Dfinity Foundation
DirectCyber
Docker Inc.
@@ -365,7 +365,6 @@
Exodus Intelligence
F5 Networks
Fedora Project (Infrastructure Software)
-
Flexera Software LLC
Fluid Attacks
Forcepoint
Forescout Technologies
@@ -397,9 +396,9 @@
Huawei Technologies
HYPR Corp
IBM Corporation
-
ICS-CERT
Indian Computer Emergency Response Team (CERT-In)
Intel Corporation
+
Internet Systems Consortium (ISC)
Israel National Cyber Directorate
Ivanti
Jamf
@@ -422,7 +421,6 @@
Mattermost, Inc
Mautic
Microchip Technology
-
Microsoft Corporation
Milestone Systems A/S
Mitsubishi Electric Corporation
MongoDB
@@ -437,6 +435,7 @@
NLnet Labs
NortonLifeLock Inc
Nozomi Networks Inc.
+
Nvidia Corporation
Octopus Deploy
Okta
OMRON Corporation
@@ -458,7 +457,6 @@
Payara
Pegasystems
Pentraze Cybersecurity
-
Perforce
Phoenix Technologies, Inc.
PHP Group
Ping Identity Corporation
@@ -472,11 +470,11 @@
QNAP Systems, Inc.
Qualcomm, Inc.
rami.io GmbH
-
Rapid7, Inc.
Real-Time Innovations, Inc.
Red Hat, Inc.
Robert Bosch GmbH
Roche Diagnostics
+
Rockwell Automation
SailPoint Technologies
Samsung TV & Appliance
SAP SE
@@ -500,9 +498,9 @@
Spanish National Cybersecurity Institute, S.A.
Splunk
STAR Labs SG Pte. Ltd.
+
Super Micro Computer, Inc.
Suse
Switzerland National Cyber Security Centre (NCSC)
-
Symantec - A Division of Broadcom
Synaptics
Synology Inc.
Talos
@@ -518,10 +516,11 @@
Tigera
Toshiba Corporation
TR-CERT (Computer Emergency Response Team of the Republic of Turkey)