[
{
"shortName": "adobe",
"cnaID": "CNA-2009-0001",
"organizationName": "Adobe Systems Incorporated",
"scope": "Adobe issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@adobe.com"
}
],
"contact": [
{
"label": "Adobe security contact page",
"url": "https://helpx.adobe.com/security/alertus.html"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://hackerone.com/adobe"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://helpx.adobe.com/security.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "AMD",
"cnaID": "CNA-2020-0013",
"organizationName": "Advanced Micro Devices Inc.",
"scope": "AMD branded products and technologies only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@amd.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.amd.com/en/resources/product-security.html#vulnerability"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.amd.com/en/resources/product-security.html#security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "airbus",
"cnaID": "CNA-2017-0026",
"organizationName": "Airbus",
"scope": "All Airbus products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Airbus that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vuln@airbus.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.airbus.com/en/airbus-contact-us#:~:text=Vulnerability%20disclosure%20guidelines"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://airbus-seclab.github.io/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Netherlands"
},
{
"shortName": "Alias",
"cnaID": "CNA-2020-0004",
"organizationName": "Alias Robotics S.L.",
"scope": "All Alias Robotics products, as well as vulnerabilities in third-party robots and robot components (software and hardware), as well as machine tool and machine tool components, discovered by Alias Robotics that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@aliasrobotics.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/aliasrobotics/RVD#disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/aliasrobotics/RVD"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "INCIBE",
"organizationName": "Spanish National Cybersecurity Institute, S.A. (INCIBE)"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Spain"
},
{
"shortName": "alibaba",
"cnaID": "CNA-2017-0024",
"organizationName": "Alibaba, Inc.",
"scope": "Projects listed on its Alibaba GitHub website only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "alibaba-cna@list.alibaba-inc.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/alibaba/disclosure/blob/main/README.md"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security.alibaba.com/announcement.htm"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "China"
},
{
"shortName": "Ampere",
"cnaID": "CNA-2020-0006",
"organizationName": "Ampere Computing",
"scope": "Ampere issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@amperecomputing.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://amperecomputing.com/products/product-security.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://amperecomputing.com/products/product-security.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "google_android",
"cnaID": "CNA-2011-0002",
"organizationName": "Android (associated with Google Inc. or Open Handset Alliance)",
"scope": "Android issues, as well as vulnerabilities in third-party software discovered by Android that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "android-cna-team@google.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://source.android.com/security/overview/updates-resources#report-issues"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://source.android.com/security/bulletin"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "Google",
"organizationName": "Google LLC"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "apache",
"cnaID": "CNA-2016-0004",
"organizationName": "Apache Software Foundation",
"scope": "All Apache Software Foundation issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@apache.org"
}
],
"contact": [
{
"label": "Apache security contact page",
"url": "https://www.apache.org/security/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.apache.org/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.openwall.com/lists/oss-security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "apple",
"cnaID": "CNA-2009-0002",
"organizationName": "Apple Inc.",
"scope": "Apple issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product-security@apple.com"
}
],
"contact": [
{
"label": "Apple security contact page",
"url": "https://support.apple.com/en-us/HT201220"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://support.apple.com/en-us/HT201220"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.apple.com/en-us/HT201222"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Arista",
"cnaID": "CNA-2021-0008",
"organizationName": "Arista Networks, Inc.",
"scope": "All Arista products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@arista.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.arista.com/en/support/advisories-notices"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.arista.com/en/support/advisories-notices"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "ABB",
"cnaID": "CNA-2019-0013",
"organizationName": "Asea Brown Boveri Ltd. (ABB)",
"scope": "ABB issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cybersecurity@ch.abb.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://library.e.abb.com/public/5961d0d7e2a747728a531a79e3752c31/9ADB005059_ABB_SoftwareVulnerabilityWhitepaper_RevG.pdf?x-sign=y1gE9dzvYeyMAo08CtpfnMmrkal+yQmKEnAZzibtRGINn/cNyboac07SS64tnFN5"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://global.abb/group/en/technology/cyber-security/alerts-and-notifications"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Switzerland"
},
{
"shortName": "atlassian",
"cnaID": "CNA-2017-0015",
"organizationName": "Atlassian",
"scope": "All Atlassian products, as well as Atlassian-maintained projects hosted on https://bitbucket.org/ and https://github.com/atlassian/.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@atlassian.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://bugcrowd.com/atlassian"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.atlassian.com/trust/security/advisory-publishing-policy"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Australia"
},
{
"shortName": "autodesk",
"cnaID": "CNA-2017-0025",
"organizationName": "Autodesk",
"scope": "All currently supported Autodesk Applications and Cloud Services.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@autodesk.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.autodesk.com/trust/incident-response"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.autodesk.com/trust/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "avaya",
"cnaID": "CNA-2018-0008",
"organizationName": "Avaya, Inc.",
"scope": "All Avaya Generally Available (GA) products that are not in another CNA’s scope. A CVE ID will not be issued for End of Manufacturing Support (EoMS) products/versions.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "securityalerts@avaya.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://downloads.avaya.com/css/P8/documents/100045520"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.avaya.com/security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Axis",
"cnaID": "CNA-2021-0014",
"organizationName": "Axis Communications AB",
"scope": "All products of Axis Communications AB and 2N including end-of-life/end-of-service products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product-security@axis.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://help.axis.com/en-us/axis-vulnerability-management-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.axis.com/support/cybersecurity/vulnerability-management"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Sweden"
},
{
"shortName": "BD",
"cnaID": "CNA-2021-0021",
"organizationName": "Becton, Dickinson and Company (BD)",
"scope": "BD software-enabled medical devices only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cybersecurity@bd.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://cybersecurity.bd.com/vulnerability-disclosures"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://cybersecurity.bd.com/bulletins-and-patches"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Bitdefender",
"cnaID": "CNA-2019-0008",
"organizationName": "Bitdefender",
"scope": "All Bitdefender products, as well as vulnerabilities in third-party software discovered by Bitdefender that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-requests@bitdefender.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.bitdefender.com/media/materials/bug_bounty/Bitdefender_Bug_Bounty_Terms_and_Conditions.pdf"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.bitdefender.com/support/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Romania"
},
{
"shortName": "blackberry",
"cnaID": "CNA-2014-0001",
"organizationName": "BlackBerry",
"scope": "All BlackBerry products identified on https://www.blackberry.com/us/en.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secure@blackberry.com"
}
],
"contact": [
{
"label": "BlackBerry security contact page",
"url": "https://global.blackberry.com/en/secure/report-an-issue/en"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.blackberry.com/us/en/services/blackberry-product-security-incident-response/report-an-issue/blackberry-coordinated-vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.blackberry.com/us/en/services/blackberry-product-security-incident-response"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Canada"
},
{
"shortName": "brocade",
"cnaID": "CNA-2016-0006",
"organizationName": "Brocade Communications Systems LLC, a Broadcom Company",
"scope": "Brocade products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "brocade.sirt@broadcom.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21739"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "canonical",
"cnaID": "CNA-2005-0001",
"organizationName": "Canonical Ltd.",
"scope": "All Canonical issues (including Ubuntu Linux) only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@ubuntu.com"
}
],
"contact": [
{
"label": "Ubuntu security contact page",
"url": "https://wiki.ubuntu.com/SecurityTeam/FAQ#Contact"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://ubuntu.com/security/disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://usn.ubuntu.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "UK"
},
{
"shortName": "ca",
"cnaID": "CNA-2017-0013",
"organizationName": "CA Technologies - A Broadcom Company",
"scope": "CA Technologies issues only. Note that Broadcom PSIRT handles all CA issues.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "PSIRT@broadcom.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.broadcom.com/support/resources/product-security-center"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Broadcom Enterprise Software Advisories",
"url": "https://support.broadcom.com/security-advisory/security-advisories-list.html?segment=ES"
},
{
"label": "Broadcom Mainframe Software Advisories",
"url": "https://support.broadcom.com/security-advisory/security-advisories-list.html?segment=MF"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "certcc",
"cnaID": "CNA-2005-0002",
"organizationName": "CERT/CC",
"scope": "Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cert@cert.org"
}
],
"contact": [
{
"label": "CERT/CC contact page",
"url": "https://kb.cert.org/vuls/report/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://vuls.cert.org/confluence/display/Wiki/Vulnerability+Disclosure+Policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.kb.cert.org/vuls/bypublished/desc/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"CERT"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "CERTVDE",
"cnaID": "CNA-2020-0010",
"organizationName": "CERT@VDE",
"scope": "Products of CERT@VDE cooperative partners and brands listed at https://cert.vde.com/en/cna/. Also, industrial and infrastructure control systems (and its components) of European Union (EU) based vendors unless covered by the scope of another CNA. Partners and brands include but are not limited to: ADS-TEC Industrial IT, Auma, sipos, Beckhoff, Bender, Bucher Automation, CLAAS, 365FarmNet, Satinfo, Carlo Gavazzi Controls, Codesys, DURAG GROUP, Draeger, Endress+Hauser, Euchner, Festo Didactic, Festo, Frauscher, GEA, HIMA, Harman, Helmholz, Hilscher, K4 DIGITAL, KEB, Krohne, Kuka, Lenze, BHN Services, MB connect line, Miele, Murrelektronik, PHOENIX CONTACT, Etherwan Systems, Innominate, Pepperl+Fuchs, Pilz, SMA, SWARCO, Trumpf, TRUMPF Laser, TRUMPF Werkzeugmaschinen, VARTA Storage, VEGA, WAGO, M&M Software, Weidmueller, Welotec, Wiesemann & Theis, ifm.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "info@cert.vde.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://cert.vde.com/en/more/certvde/disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://cert.vde.com/en-us/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"CERT"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Germany"
},
{
"shortName": "checkpoint",
"cnaID": "CNA-2016-0008",
"organizationName": "Check Point Software Ltd.",
"scope": "Check Point Security Gateways product line only, and any vulnerabilities discovered by Check Point that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@checkpoint.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://cpr-zero.checkpoint.com/policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.checkpoint.com/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Israel"
},
{
"shortName": "Chrome",
"cnaID": "CNA-2011-0003",
"organizationName": "Chrome",
"scope": "Chrome issues and projects that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@chromium.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.google.com/about/appsecurity/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://chromereleases.googleblog.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "Google",
"organizationName": "Google LLC"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "cisco",
"cnaID": "CNA-2007-0001",
"organizationName": "Cisco Systems, Inc.",
"scope": "All Cisco products, and any third-party research targets that are not in another CNA’s scope. Cisco will not issue a CVE ID for issues reported on products that are past the Last Day of Support milestone, as defined on Cisco’s End-of-Life Policy, which is available at https://www.cisco.com/c/en/us/products/eos-eol-policy.html.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@cisco.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.cisco.com/c/en/us/about/security-center/security-vulnerability-policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Cisco Advisories",
"url": "https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html#sa"
},
{
"label": "Duo Advisories",
"url": "https://duo.com/labs/psa/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Hosted Service",
"Open Source",
"Researcher",
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "cloudflare",
"cnaID": "CNA-2018-0003",
"organizationName": "Cloudflare, Inc.",
"scope": "All Cloudflare products, projects hosted at https://github.com/cloudflare/, and any vulnerabilities discovered by Cloudflare that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@cloudflare.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.cloudflare.com/disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://hackerone.com/cloudflare/hacktivity"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Crafter_CMS",
"cnaID": "CNA-2020-0030",
"organizationName": "Crafter CMS",
"scope": "Crafter CMS issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@craftersoftware.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://docs.craftercms.org/en/4.0/security/security-policies.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Cybellum",
"cnaID": "CNA-2020-0001",
"organizationName": "Cybellum Technologies LTD",
"scope": "All Cybellum products, as well as vulnerabilities in third-party software discovered by Cybellum that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "info@cybellum.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://cybellum.com/disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://cybellum.com/vulnerabilities/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Israel"
},
{
"shortName": "icscert",
"cnaID": "CNA-2012-0001",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)",
"scope": "Vulnerabilities that are (1) reported to or observed by CISA, (2) affect industrial control systems or medical devices, and (3) are not covered by another CNA’s scope.",
"contact": [
{
"email": [],
"contact": [],
"form": [
{
"label": "Submit a Report",
"url": "https://www.cisa.gov/report"
}
]
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.cisa.gov/coordinated-vulnerability-disclosure-process"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "ICS Advisories",
"url": "https://cisa.gov/icsa"
},
{
"label": "ICS Medical Advisories",
"url": "https://cisa.gov/icsma"
}
]
},
"resources": [],
"CNA": {
"isRoot": true,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"CERT"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "Root"
},
{
"helpText": "reports to CISA ICS Root",
"role": "CNA-LR"
}
]
},
"country": "USA"
},
{
"shortName": "CSW",
"cnaID": "CNA-2020-0034",
"organizationName": "Cyber Security Works Pvt. Ltd.",
"scope": "Vulnerabilities in third-party software discovered by CSW that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclose@cybersecurityworks.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://cybersecurityworks.com/vulnerability-disclosure-policy.php"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://cybersecurityworks.com/zerodays-vulnerability-list/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "India"
},
{
"shortName": "dahua",
"cnaID": "CNA-2017-0014",
"organizationName": "Dahua Technologies",
"scope": "Dahua consumer Internet of Things (IoT) products, excludes End-of-Life products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cybersecurity@dahuatech.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.dahuasecurity.com/aboutUs/trustedCenter/trustworthy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.dahuasecurity.com/support/cybersecurity/annoucementNotice"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "China"
},
{
"shortName": "debian",
"cnaID": "CNA-2005-0003",
"organizationName": "Debian GNU/Linux",
"scope": "Debian issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@debian.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.debian.org/security/disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.debian.org/security/#DSAS"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "DeepSurface",
"cnaID": "CNA-2021-0010",
"organizationName": "DeepSurface Security, Inc.",
"scope": "All DeepSurface products, as well as vulnerabilities in third-party software discovered by DeepSurface that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@deepsurface.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://deepsurface.com/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://deepsurface.com/tag/blog/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "dell",
"cnaID": "CNA-2011-0004",
"organizationName": "Dell",
"scope": "Dell, Dell EMC, and VCE issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secure@dell.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.dell.com/support/contents/us/en/04/article/product-support/self-support-knowledgebase/security-antivirus/alerts-vulnerabilities/dell-vulnerability-response-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.dell.com/support/security/en-us"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "DEVOLUTIONS",
"cnaID": "CNA-2021-0031",
"organizationName": "Devolutions Inc.",
"scope": "Remote Desktop Manager and Devolutions Server products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@devolutions.net"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://devolutions.net/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://devolutions.net/security/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Canada"
},
{
"shortName": "Document_Fdn.",
"cnaID": "CNA-2019-0002",
"organizationName": "Document Foundation, The",
"scope": "Projects within The Document Foundation only, e.g., LibreOffice, LibreOffice Online; The Document Foundation discourages reporting denial of service bugs as security issues.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@documentfoundation.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.libreoffice.org/about-us/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.libreoffice.org/about-us/security/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "redhat",
"organizationName": "Red Hat, Inc."
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Germany"
},
{
"shortName": "drupal",
"cnaID": "CNA-2017-0002",
"organizationName": "Drupal.org",
"scope": "All projects hosted under drupal.org, including End of Life (EOL) code.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@drupal.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.drupal.org/drupal-security-team/security-advisory-process-and-permissions-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.drupal.org/security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Eaton",
"cnaID": "CNA-2019-0014",
"organizationName": "Eaton",
"scope": "Eaton issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@eaton.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.eaton.com/us/en-us/company/news-insights/cybersecurity/vulnerabilitydisclosure.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.eaton.com/us/en-us/company/news-insights/cybersecurity/security-notifications.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Ireland"
},
{
"shortName": "eclipse",
"cnaID": "CNA-2017-0008",
"organizationName": "Eclipse Foundation",
"scope": "All projects hosted by the Eclipse Foundation as listed at https://www.eclipse.org/projects/ and services provided by the Eclipse Foundation to support open source projects as listed at https://www.eclipsestatus.io/.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@eclipse.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.eclipse.org/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.eclipse.org/security/known.php"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Belgium"
},
{
"shortName": "elastic",
"cnaID": "CNA-2017-0011",
"organizationName": "Elastic",
"scope": "Elasticsearch, Kibana, Beats, Logstash, X-Pack, and Elastic Cloud Enterprise products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@elastic.co"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.elastic.co/community/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.elastic.co/community/security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Netherlands"
},
{
"shortName": "EA",
"cnaID": "CNA-2020-0027",
"organizationName": "Electronic Arts, Inc.",
"scope": "EA issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secure@ea.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.ea.com/security/disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.ea.com/security/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Esri",
"cnaID": "CNA-2021-0011",
"organizationName": "Environmental Systems Research Institute, Inc.",
"scope": "All Esri products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@esri.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://trust.arcgis.com/en/security-concern/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://trust.arcgis.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "ESET",
"cnaID": "CNA-2021-0029",
"organizationName": "ESET, spol. s r.o.",
"scope": "All ESET products only and vulnerabilities discovered by ESET that are not covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email ESET PSIRT",
"emailAddr": "security@eset.com"
},
{
"label": "Email ESET Research",
"emailAddr": "vulnerability.disclosures@eset.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Inbound Reports Policy",
"language": "",
"url": "https://www.eset.com/int/security-vulnerability-reporting/"
},
{
"label": "Outbound Reports Policy",
"language": "",
"url": "https://www.eset.com/int/research/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "ESET PSIRT Advisories",
"url": "https://support-feed.eset.com/advisories/"
},
{
"label": "ESET Research Advisories",
"url": "https://github.com/eset/vulnerability-disclosures"
},
{
"label": "WeLiveSecurity Advisories",
"url": "https://welivesecurity.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Slovak Republic"
},
{
"shortName": "F5",
"cnaID": "CNA-2016-0009",
"organizationName": "F5, Inc.",
"scope": "All F5 products and services, commercial and open source, which have not yet reached End of Technical Support (EoTS). All legacy acquisition products and brands including, but not limited to, NGINX, Shape Security, Volterra, and Threat Stack. F5 does not issue CVEs for products which are no longer supported.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "f5sirt@f5.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://support.f5.com/csp/article/K4602"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://my.f5.com/manage/s/new-updated-articles#sort=%40f5_updated_published_date%20descending&f:@f5_document_type=[Security%20Advisory]&periodFilter=4&dateField=0"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Meta",
"cnaID": "CNA-2018-0001",
"organizationName": "Meta Platforms, Inc.",
"scope": "Meta-supported open source projects, mobile apps, and other software, as well as vulnerabilities in third-party software discovered by Meta that are not in another CNA’s scope; see: https://www.facebook.com/whitehat and https://github.com/facebook/.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Meta security contact page",
"url": "https://www.facebook.com/whitehat"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.facebook.com/security/advisories/Vulnerability-Disclosure-Policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.facebook.com/security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "fedora",
"cnaID": "CNA-2017-0021",
"organizationName": "Fedora Project",
"scope": "Vulnerabilities in open source projects affecting the Fedora Project, that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported releases by the Fedora Project.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Fedora Bug Report page",
"url": "https://fedoraproject.org/wiki/Bugs_and_feature_requests"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://fedoraproject.org/wiki/Security_Bugs#Reporting_a_Security_Vulnerability"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://bodhi.fedoraproject.org/updates/?type=security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "redhat",
"organizationName": "Red Hat, Inc."
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Fidelis",
"cnaID": "CNA-2021-0026",
"organizationName": "Fidelis Cybersecurity, Inc.",
"scope": "Fidelis issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@fidelissecurity.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://fidelissecurity.com/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.fidelissecurity.com/hc/en-us/categories/360001842694-Advisories-News-and-Policies"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "flexera",
"cnaID": "CNA-2017-0004",
"organizationName": "Flexera Software LLC",
"scope": "All Flexera products, and vulnerabilities discovered by Secunia Research that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt-cna@flexerasoftware.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.flexera.com/products/operations/software-vulnerability-research/secunia-research/disclosure-policy.html?_ga=2.126100429.1927534686.1582843801-707336045.1578583910"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://community.flexera.com/t5/FlexNet-Publisher-Knowledge-Base/tkb-p/FNP-Knowledge/label-name/vulnerability"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "floragunn",
"cnaID": "CNA-2019-0005",
"organizationName": "floragunn GmbH",
"scope": "All issues related to Search Guard only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@search-guard.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://search-guard.com/disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://search-guard.com/cve-advisory"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Germany"
},
{
"shortName": "Fluid_Attacks",
"cnaID": "CNA-2021-0020",
"organizationName": "Fluid Attacks",
"scope": "Vulnerabilities in third-party software discovered by Fluid Attacks that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "help@fluidattacks.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://fluidattacks.com/advisories/policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://fluidattacks.com/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Colombia"
},
{
"shortName": "forcepoint",
"cnaID": "CNA-2017-0033",
"organizationName": "Forcepoint",
"scope": "Forcepoint products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@forcepoint.com"
}
],
"contact": [
{
"label": "Forcepoint security contact page",
"url": "https://www.forcepoint.com/company/innovation/product-security-report-issue"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.forcepoint.com/company/innovation/product-security-report-issue"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.forcepoint.com/s/knowledge-base#t=All&sort=relevancy&f:@sfrecordtypename=[Security%20Advisory]"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "fortinet",
"cnaID": "CNA-2016-0010",
"organizationName": "Fortinet, Inc.",
"scope": "Fortinet issues only.",
"contact": [
{
"email": [],
"contact": [],
"form": [
{
"label": "PSIRT contact form",
"url": "https://www.fortiguard.com/faq/psirt-contact"
}
]
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.fortiguard.com/psirt_policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.fortiguard.com/psirt"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "FSOFT",
"cnaID": "CNA-2021-0032",
"organizationName": "FPT Software Co., Ltd.",
"scope": "All products and services developed and operated by FPT Software, as well as vulnerabilities in third-party software discovered by FPT Software that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@fsoft.com.vn"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.fpt-software.com/vulnerability-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.fpt-software.com/vulnerability-disclosure/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Vietnam"
},
{
"shortName": "freebsd",
"cnaID": "CNA-2005-0004",
"organizationName": "FreeBSD",
"scope": "Primarily FreeBSD issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secteam@freebsd.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.freebsd.org/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.freebsd.org/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Gallagher",
"cnaID": "CNA-2020-0024",
"organizationName": "Gallagher Group Ltd.",
"scope": "All Gallagher security products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclosures@gallagher.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://security.gallagher.com/responsible-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security.gallagher.com/Security-Advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "New Zealand"
},
{
"shortName": "GitHub_M",
"cnaID": "CNA-2019-0009",
"organizationName": "GitHub, Inc.",
"scope": "CVEs requested by code owners using the GitHub Security Advisories feature and vulnerabilities affecting open source projects discovered by security researchers at GitHub or Microsoft not covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-advisories@github.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://help.github.com/en/articles/about-maintainer-security-advisories"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "GitHub_P",
"cnaID": "CNA-2020-0007",
"organizationName": "GitHub, Inc. (Products Only)",
"scope": "GitHub Enterprise Server issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product-cna@github.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://bounty.github.com/#rules"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://enterprise.github.com/releases"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "GitLab",
"cnaID": "CNA-2020-0018",
"organizationName": "GitLab Inc.",
"scope": "The GitLab application, any project hosted on GitLab.com in a public repository, and any vulnerabilities discovered by GitLab that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@gitlab.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://about.gitlab.com/security/disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://gitlab.com/gitlab-org/cves"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Google",
"cnaID": "CNA-2020-0005",
"organizationName": "Google LLC",
"scope": "Root Scope: Alphabet organizations.
CNA Scope: Google products, including open source software published and maintained by Google, and vulnerabilities in third-party software discovered by Google that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "alphabet-cna@google.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.google.ch/about/appsecurity/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Cloud Advisories",
"url": "https://cloud.google.com/support/bulletins"
},
{
"label": "Advisories",
"url": "https://github.com/google/security-research"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"role": [
"Root",
"CNA"
],
"type": [
"Vendor",
"Open Source",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "Root"
},
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "GSMC",
"cnaID": "CNA-2021-0019",
"organizationName": "GS McNamara LLC",
"scope": "GS McNamara LLC products and services, including the Floodspark portfolio, and any vulnerabilities discovered in components or projects that we are researching or coordinating that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@gsmcnamara.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://gsmcnamara.github.io/CVE/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://gsmcnamara.github.io/CVE/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "hackerone",
"cnaID": "CNA-2016-0011",
"organizationName": "HackerOne",
"scope": "Provides CVE IDs for its customers as part of its bug bounty and vulnerability coordination platform.",
"contact": [
{
"email": [],
"contact": [
{
"label": "HackerOne Support Portal",
"url": "https://support.hackerone.com/support/home"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.hackerone.com/disclosure-guidelines"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://hackerone.com/hacktivity?querystring=&filter=type:hacker-published&order_direction=DESC&order_field=popular"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Bug Bounty Provider"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "hikvision",
"cnaID": "CNA-2018-0002",
"organizationName": "Hangzhou Hikvision Digital Technology Co., Ltd.",
"scope": "All Hikvision Internet of Things (IoT) products including cameras and digital video recorders (DVRs).",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "hsrc@hikvision.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.hikvision.com/en/policies/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://us.hikvision.com/en/support-resources/cybersecurity-center/security-notices"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "China"
},
{
"shortName": "HCL",
"cnaID": "CNA-2019-0010",
"organizationName": "HCL Software",
"scope": "All HCL products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@hcl.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.hcltech.com/software/psirt/hcl-software-vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://hclpnpsupport.hcltech.com/csm?id=search&spa=1&t=kb&q=Security%20Bulletin"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "India"
},
{
"shortName": "hpe",
"cnaID": "CNA-2016-0003",
"organizationName": "Hewlett Packard Enterprise (HPE)",
"scope": "HPE issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-alert@hpe.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.hpe.com/portal/site/hpsc/public/kb/secBullArchive/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Hitachi_Energy",
"cnaID": "CNA-2021-0028",
"organizationName": "Hitachi Energy",
"scope": "Hitachi Energy products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cybersecurity@hitachienergy.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://publisher.hitachienergy.com/preview?DocumentID=9AKK107991A7713&LanguageCode=en&DocumentPartId=&Action=Launch"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.hitachienergy.com/cybersecurity/alerts-and-notifications"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Switzerland"
},
{
"shortName": "hp",
"cnaID": "CNA-2009-0003",
"organizationName": "HP Inc.",
"scope": "Issues with any HP-branded product, including computing software and hardware, imaging and printing, as well as HyperX, Teradici, Poly, and Plantronics branded devices.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "hp-security-alert@hp.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://support.hp.com/us-en/document/c06144280"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.hp.com/us-en/security-bulletins"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "huawei",
"cnaID": "CNA-2016-0012",
"organizationName": "Huawei Technologies",
"scope": "Huawei issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@huawei.com"
}
],
"contact": [
{
"label": "Huawei security contact page",
"url": "https://www.huawei.com/psirt"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.huawei.com/en/psirt/vul-response-process"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.huawei.com/en/psirt/all-bulletins"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "China"
},
{
"shortName": "@huntr_ai",
"cnaID": "CNA-2021-0018",
"organizationName": "Protect AI (formerly huntr.dev)",
"scope": "Vulnerabilities in Protect AI products, third-party code vulnerabilities reported by researchers collaborating with huntr and vulnerabilities discovered by, or reported to, Protect AI that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@huntr.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://huntr.com/guidelines/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://huntr.com/bounties/hacktivity"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Bug Bounty Provider",
"Open Source",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "ibm",
"cnaID": "CNA-2011-0007",
"organizationName": "IBM Corporation",
"scope": "All IBM branded products (IBM will confirm support status and notify researcher).",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@us.ibm.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.ibm.com/security/secure-engineering/report.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.ibm.com/support/pages/bulletin/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "intel",
"cnaID": "CNA-2016-0005",
"organizationName": "Intel Corporation",
"scope": "Intel branded products and technologies and Intel managed open source projects.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secure@intel.com"
}
],
"contact": [
{
"label": "Intel security contact page",
"url": "https://security-center.intel.com/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.intel.com/content/www/us/en/security-center/vulnerability-handling-guidelines.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.intel.com/content/www/us/en/security-center/default.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "isc",
"cnaID": "CNA-2016-0020",
"organizationName": "Internet Systems Consortium (ISC)",
"scope": "All ISC.org projects.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-officer@isc.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://kb.isc.org/docs/aa-00861"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://kb.isc.org/docs/aa-01020"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "INCD",
"cnaID": "CNA-2021-0030",
"organizationName": "Israel National Cyber Directorate (INCD)",
"scope": "Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@cyber.gov.il"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.gov.il/en/departments/general/cve_policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.gov.il/en/departments/faq/cve_advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"CERT"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Israel"
},
{
"shortName": "jenkins",
"cnaID": "CNA-2018-0015",
"organizationName": "Jenkins Project",
"scope": "Jenkins and Jenkins plugins distributed by the Jenkins Project (listed on plugins.jenkins.io) only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "jenkinsci-cert@googlegroups.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://jenkins.io/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://jenkins.io/security/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "jci",
"cnaID": "CNA-2019-0001",
"organizationName": "Johnson Controls",
"scope": "Johnson Controls products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productsecurity@jci.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/response#CoordinatedDisclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Joomla",
"cnaID": "CNA-2020-0036",
"organizationName": "Joomla! Project",
"scope": "Core Joomla! CMS, the Joomla Framework, and Joomla! Extensions issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@joomla.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://developer.joomla.org/security.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://developer.joomla.org/security-centre.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "jpcert",
"cnaID": "CNA-2010-0001",
"organizationName": "JPCERT/CC",
"scope": "Root Scope: Japan organizations.
CNA Scope: Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vuls@jpcert.or.jp"
}
],
"contact": [
{
"label": "JPCERT/CC contact page",
"url": "https://www.jpcert.or.jp/vh/index.html"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.jpcert.or.jp/english/vh/2018/20180330-vulpolicy.pdf#search='disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://jvn.jp/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"CERT"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "Root"
},
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Japan"
},
{
"shortName": "juniper",
"cnaID": "CNA-2016-0001",
"organizationName": "Juniper Networks, Inc.",
"scope": "Juniper issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "sirt@juniper.net"
}
],
"contact": [
{
"label": "Juniper security contact page",
"url": "https://www.juniper.net/us/en/security/report-vulnerability/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.juniper.net/us/en/security/report-vulnerability/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Kaspersky",
"cnaID": "CNA-2017-0027",
"organizationName": "Kaspersky",
"scope": "Kaspersky B2C and B2B products, as well as vulnerabilities discovered in third-party software not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@kaspersky.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12429#block0"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Russia"
},
{
"shortName": "krcert",
"cnaID": "CNA-2016-0021",
"organizationName": "KrCERT/CC",
"scope": "Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vuln@krcert.or.kr"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://knvd.krcert.or.kr/processingProcedures.do"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.krcert.or.kr/kr/bbs/list.do?menuNo=205023&bbsId=B0000302"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"CERT"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "South Korea"
},
{
"shortName": "kubernetes",
"cnaID": "CNA-2017-0022",
"organizationName": "Kubernetes",
"scope": "Kubernetes issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@kubernetes.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://kubernetes.io/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://kubernetes.io/cve"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "larry_cashdollar",
"cnaID": "CNA-2016-0007",
"organizationName": "Larry Cashdollar",
"scope": "Third-party products he researches that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "larry0@me.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "http://www.vapidlabs.com/misc/policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "http://www.vapidlabs.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "lenovo",
"cnaID": "CNA-2016-0013",
"organizationName": "Lenovo Group Ltd.",
"scope": "Lenovo general-purpose computers, software for general-purpose operating systems, mobile devices, enterprise storage, and networking products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@lenovo.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.lenovo.com/us/en/product-security/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.lenovo.com/us/en/product_security/home"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "LY-Corporation",
"cnaID": "CNA-2020-0038",
"organizationName": "LY Corporation",
"scope": "Current versions of LINE Messenger Application for iOS, Android, Mac, and Windows, plus LINE Open Source projects hosted on https://github.com/line.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "ml-sec-cna@lycorp.co.jp"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://line.github.io/security-advisory-blog/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://line.github.io/security-advisory-blog/advisory"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "jpcert",
"organizationName": "JPCERT/CC"
},
"type": [
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Japan"
},
{
"shortName": "Logitech",
"cnaID": "CNA-2020-0032",
"organizationName": "Logitech",
"scope": "All current products/software/apps made by Logitech, Ultimate Ears, Jaybird, Streamlabs, Logitech G, Logicool, Blue, and Astro Gaming.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-coordination@logitech.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://hackerone.com/logitech"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://hackerone.com/logitech/hacktivity"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Switzerland"
},
{
"shortName": "Mattermost",
"cnaID": "CNA-2020-0028",
"organizationName": "Mattermost, Inc.",
"scope": "All Mattermost issues, and vulnerabilities discovered by Mattermost that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "responsibledisclosure@mattermost.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://mattermost.com/security-vulnerability-report/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://mattermost.com/security-updates/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Mautic",
"cnaID": "CNA-2021-0005",
"organizationName": "Mautic",
"scope": "Mautic core and officially supported plugins.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Mautic Security Team",
"url": "https://www.mautic.org/mautic-security-team"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.mautic.org/mautic-security-team/mautic-security-advisory-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/mautic/mautic/security/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Trellix",
"cnaID": "CNA-2016-0022",
"organizationName": "Trellix",
"scope": "All Trellix Enterprise (formerly McAfee Enterprise and FireEye) products, as well as vulnerabilities in third-party software discovered by Trellix Advanced Research Center (Trellix ACR) that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "trellixpsirt@trellix.com"
}
],
"contact": [
{
"label": "Report an issue",
"url": "https://hackerone.com/trellix"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://kcm.trellix.com/corporate/index?page=content&id=KB95564"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://supportm.trellix.com/webcenter/portal/supportportal/pages_knowledgecenter"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "OpenText",
"cnaID": "CNA-2014-0002",
"organizationName": "OpenText (formerly Micro Focus)",
"scope": "All OpenText products (including Carbonite, Zix, Micro Focus, others).",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@opentext.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.opentext.com/about/security-acknowledgements"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://knowledge.opentext.com/knowledge/llisapi.dll/open/alerts"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "microsoft",
"cnaID": "CNA-2005-0005",
"organizationName": "Microsoft Corporation",
"scope": "Microsoft issues only, excluding end-of-life (EOL) as listed in the Microsoft Lifecycle Policy.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secure@microsoft.com"
}
],
"contact": [
{
"label": "Microsoft security contact page",
"url": "https://technet.microsoft.com/en-us/security/ff852094.aspx"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.microsoft.com/en-us/msrc/cvd?rtc=1"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url":"https://www.microsoft.com/en-us/msrc/technical-security-notifications"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "mitre",
"cnaID": "CNA-1999-0001",
"organizationName": "MITRE Corporation",
"scope": "All vulnerabilities, and Open Source software product vulnerabilities, not already covered by a CNA listed on this website.",
"contact": [
{
"email": [],
"contact": [],
"form": [
{
"label": "MITRE CVE Request web form",
"url": "https://cveform.mitre.org/"
}
]
}
],
"disclosurePolicy": [
{
"label": "N/A",
"language": "",
"url": ""
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "N/A",
"url": ""
}
]
},
"resources": [],
"CNA": {
"isRoot": true,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"N/A"
],
"TLR": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "reports to CVE Board",
"role": "Top-Level Root"
},
{
"helpText": "reports to MITRE TL-Root",
"role": "CNA-LR"
},
{
"helpText": "reports to CVE Board",
"role": "Secretariat"
}
]
},
"country": "USA"
},
{
"shortName": "Mitsubishi",
"cnaID": "CNA-2020-0039",
"organizationName": "Mitsubishi Electric Corporation",
"scope": "Vulnerabilities related to products of Mitsubishi Electric Group.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.mitsubishielectric.com/en/psirt/disclosurepolicy/index.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/index.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "jpcert",
"organizationName": "JPCERT/CC"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Japan"
},
{
"shortName": "mongodb",
"cnaID": "CNA-2018-0013",
"organizationName": "MongoDB, Inc.",
"scope": "MongoDB products only, not including end-of-life components or products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@mongodb.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.mongodb.com/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.mongodb.com/security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "mozilla",
"cnaID": "CNA-2012-0002",
"organizationName": "Mozilla Corporation",
"scope": "Mozilla issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@mozilla.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.mozilla.org/en-US/about/governance/policies/security-group/bugs/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.mozilla.org/en-US/security/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "naver",
"cnaID": "CNA-2018-0007",
"organizationName": "Naver Corporation",
"scope": "Naver products only, except Line products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@navercorp.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://cve.naver.com/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://cve.naver.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "South Korea"
},
{
"shortName": "NEC",
"cnaID": "CNA-2021-0012",
"organizationName": "NEC Corporation",
"scope": "NEC issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt-info@mlsig.jp.nec.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://jpn.nec.com/security-info/policy_en.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://jpn.nec.com/security-info/index.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "jpcert",
"organizationName": "JPCERT/CC"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Japan"
},
{
"shortName": "netapp",
"cnaID": "CNA-2017-0035",
"organizationName": "NetApp, Inc.",
"scope": "All NetApp products as well as projects hosted on https://github.com/netapp.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-alert@netapp.com"
}
],
"contact": [
{
"label": "NetApp security contact page",
"url": "https://security.netapp.com/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://security.netapp.com/policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security.netapp.com/advisory/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "netflix",
"cnaID": "CNA-2017-0016",
"organizationName": "Netflix, Inc.",
"scope": "Current versions of Netflix Mobile Streaming Application for iOS, Android, and Windows Mobile, plus all Netflix Open Source projects hosted on https://github.com/Netflix/ and https://github.com/spinnaker/.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-report@netflix.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://help.netflix.com/en/node/6657"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/Netflix/security-bulletins"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Absolute",
"cnaID": "CNA-2021-0033",
"organizationName": "Absolute Software",
"scope": "Absolute issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "securityresponse@absolute.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.absolute.com/platform/security-information/vulnerability-reporting-management"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.absolute.com/platform/security-information/vulnerability-archive/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "NLnet_Labs",
"cnaID": "CNA-2020-0033",
"organizationName": "NLnet Labs",
"scope": "All NLnet Labs projects.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "sep@nlnetlabs.nl"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://nlnetlabs.nl/security-report/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "RPKI Advisories",
"url": "https://nlnetlabs.nl/projects/rpki/security-advisories/"
},
{
"label": "NSD Advisories",
"url": "https://nlnetlabs.nl/projects/nsd/security-advisories/"
},
{
"label": "Unbound Advisories",
"url": "https://nlnetlabs.nl/projects/unbound/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Netherlands"
},
{
"shortName": "nodejs",
"cnaID": "CNA-2017-0036",
"organizationName": "Node.js",
"scope": "All actively developed versions of software developed under the Node.js project on https://github.com/nodejs/.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-request@iojs.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://nodejs.org/en/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/nodejs/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "NLOK",
"cnaID": "CNA-2020-0016",
"organizationName": "NortonLifeLock Inc.",
"scope": "All NortonLifeLock product issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@nortonlifelock.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.nortonlifelock.com/content/dam/nortonlifelock/pdfs/other-resources/guidelines-for-security-vulnerability-reporting-and-response-en.pdf"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://us.norton.com/support/tools/security-advisories.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Nozomi",
"cnaID": "CNA-2020-0029",
"organizationName": "Nozomi Networks Inc.",
"scope": "All Nozomi Networks products, as well as vulnerabilities in third-party software discovered by Nozomi Networks that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "prodsec@nozominetworks.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://security.nozominetworks.com/psirt"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security.nozominetworks.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "nvidia",
"cnaID": "CNA-2016-0015",
"organizationName": "NVIDIA Corporation",
"scope": "NVIDIA issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@nvidia.com"
}
],
"contact": [
{
"label": "NVIDIA security contact page",
"url": "https://www.nvidia.com/en-us/security/report-vulnerability/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.nvidia.com/en-us/security/psirt-policies/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.nvidia.com/en-us/security/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "obdev",
"cnaID": "CNA-2016-0016",
"organizationName": "Objective Development Software GmbH",
"scope": "Objective Development issues only.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Objective Development security page",
"url": "https://obdev.at/go/cna"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://obdev.at/cve/vulnerability-disclosure-policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://obdev.at/cve/published-vulnerabilities.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Austria"
},
{
"shortName": "Octopus",
"cnaID": "CNA-2021-0017",
"organizationName": "Octopus Deploy",
"scope": "All Octopus Deploy products, as well as Octopus Deploy maintained projects hosted on https://github.com/OctopusDeploy.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@octopus.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://octopus.com/security/disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://advisories.octopus.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Australia"
},
{
"shortName": "odoo",
"cnaID": "CNA-2018-0009",
"organizationName": "Odoo",
"scope": "Odoo issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@odoo.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.odoo.com/security-report"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.odoo.com/r/security-issues"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Belgium"
},
{
"shortName": "openEuler",
"cnaID": "CNA-2020-0020",
"organizationName": "openEuler",
"scope": "openEuler issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "openeuler-security@openeuler.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://openeuler.org/en/security/vulnerability-reporting/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.openeuler.org/zh/security/security-bulletins/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "China"
},
{
"shortName": "openssl",
"cnaID": "CNA-2016-0019",
"organizationName": "OpenSSL Software Foundation",
"scope": "OpenSSL software projects only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "openssl-security@openssl.org"
}
],
"contact":[
{
"label": "Reporting Security Bugs",
"url": "https://www.openssl.org/community/#securityreports"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.openssl.org/policies/secpolicy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.openssl.org/news/vulnerabilities.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "OpenVPN",
"cnaID": "CNA-2020-0017",
"organizationName": "OpenVPN Inc.",
"scope": "All products and projects in which OpenVPN is directly involved commercially and for OpenVPN community projects, including Private Tunnel.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@openvpn.net"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://openvpn.net/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Business VPN Advisories",
"url": "https://openvpn.net/security-advisories/"
},
{
"label": "Community Advisories",
"url": "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Opera",
"cnaID": "CNA-2019-0017",
"organizationName": "Opera",
"scope": "Opera issues only.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Opera security contact page",
"url": "https://security.opera.com/en/report-security-issue/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://security.opera.com/en/policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security.opera.com/en/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Norway"
},
{
"shortName": "OPPO",
"cnaID": "CNA-2019-0006",
"organizationName": "OPPO Mobile Telecommunication Corp., Ltd.",
"scope": "OPPO devices only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@oppo.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://security.oppo.com/en/responsibleDisclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security.oppo.com/en/notice"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "China"
},
{
"shortName": "oracle",
"cnaID": "CNA-2008-0001",
"organizationName": "Oracle",
"scope": "Oracle supported version product issues only; CVE IDs will not be assigned for unsupported products or versions (Oracle will confirm support status and notify researcher).",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secalert_us@oracle.com"
}
],
"contact": [
{
"label": "Oracle security contact page",
"url": "https://www.oracle.com/support/assurance/vulnerability-remediation/reporting-security-vulnerabilities.html"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.oracle.com/corporate/security-practices/assurance/vulnerability/disclosure.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.oracle.com/security-alerts/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Hosted Service",
"Open Source",
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "OTRS",
"cnaID": "CNA-2019-0015",
"organizationName": "OTRS AG",
"scope": "Vulnerabilities for OTRS and ((OTRS)) Community Edition and modules only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@otrs.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://otrs.com/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://otrs.com/overview-release-notes-security-advisories/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Germany"
},
{
"shortName": "palo_alto",
"cnaID": "CNA-2018-0005",
"organizationName": "Palo Alto Networks, Inc.",
"scope": "All Palo Alto Networks products, and vulnerabilities discovered by Palo Alto Networks that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@paloaltonetworks.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.paloaltonetworks.com/security-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://securityadvisories.paloaltonetworks.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Patchstack",
"cnaID": "CNA-2021-0025",
"organizationName": "Patchstack",
"scope": "Vulnerabilities in third-party products discovered by Patchstack and Patchstack Bug Bounty program unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "audit@patchstack.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://patchstack.com/patchstack-vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Database",
"url": "https://patchstack.com/database/"
},
{
"label": "Advisories",
"url": "https://patchstack.com/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Bug Bounty Provider",
"Hosted Service",
"Open Source",
"Researcher",
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Estonia"
},
{
"shortName": "Pega",
"cnaID": "CNA-2020-0012",
"organizationName": "Pegasystems Inc.",
"scope": "Pegasystems products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "securityreport@pega.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.pega.com/responsible-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.pega.com/trust/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "php",
"cnaID": "CNA-2018-0014",
"organizationName": "PHP Group",
"scope": "Vulnerabilities in PHP code (code in https://github.com/php/php-src) only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@php.net"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://wiki.php.net/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.php.net/ChangeLog-8.php"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Perforce",
"cnaID": "CNA-2016-0023",
"organizationName": "Perforce",
"scope": "All Perforce products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@perforce.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.perforce.com/company/security-compliance-policies"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://portal.perforce.com/s/cve-dashboard"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "qnap",
"cnaID": "CNA-2017-0030",
"organizationName": "QNAP Systems, Inc.",
"scope": "QNAP issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@qnap.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.qnap.com/en-us/security-advisory/report"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.qnap.com/en/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Taiwan"
},
{
"shortName": "qualcomm",
"cnaID": "CNA-2017-0007",
"organizationName": "Qualcomm, Inc.",
"scope": "Qualcomm and Snapdragon issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product-security@qualcomm.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.qualcomm.com/news/onq/2019/01/16/inside-qualcomm-technologies-vulnerability-rewards-program"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.qualcomm.com/company/product-security/bulletins"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "rapid7",
"cnaID": "CNA-2016-0024",
"organizationName": "Rapid7, Inc.",
"scope": "All Rapid7 products, and vulnerabilities discovered by Rapid7 that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@rapid7.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.rapid7.com/security/disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.rapid7.com/db/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "redhat",
"cnaID": "CNA-2005-0006",
"organizationName": "Red Hat, Inc.",
"scope": "Root Scope: The Red Hat Root’s scope includes the open source community. Any open source organizations that prefer Red Hat as their Root; organizations are free to choose another Root if it suits them better.
CNA-LR Scope: Vulnerabilities in software developed by a CNA within the Red Hat Root hierarchy.
CNA Scope: Vulnerabilities in open source projects affecting Red Hat software that are not covered by a more specific CNA. CVEs can be assigned to vulnerabilities affecting end-of-life or unsupported Red Hat software.",
"contact": [
{
"email": [
{
"label": "Root contact email",
"emailAddr": "RootCNA-Coordination@redhat.com"
},
{
"label": "CNA-LR contact email",
"emailAddr": "cnalr-coordination@redhat.com"
},
{
"label": "CNA contact email",
"emailAddr": "secalert@redhat.com"
}
],
"contact": [
{
"label": "Red Hat security contact page",
"url": "https://access.redhat.com/security/team/contact"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://access.redhat.com/articles/red_hat_cna_vulnerability_disclosure_policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://access.redhat.com/security/security-updates/#/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "reports to MITRE Top-Level Root",
"role": "Root"
},
{
"helpText": "reports to Red Hat Root",
"role": "CNA-LR"
},
{
"helpText": "reports to Red Hat Root",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Replicated",
"cnaID": "CNA-2020-0023",
"organizationName": "Replicated, Inc.",
"scope": "Replicated products and services only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@replicated.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.replicated.com/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.replicated.com/security/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "bosch",
"cnaID": "CNA-2019-0004",
"organizationName": "Robert Bosch GmbH",
"scope": "Bosch products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@bosch.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://psirt.bosch.com/bosch-responsible-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://psirt.bosch.com/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Germany"
},
{
"shortName": "Salesforce",
"cnaID": "CNA-2019-0007",
"organizationName": "Salesforce, Inc.",
"scope": "Salesforce products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@salesforce.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://trust.salesforce.com/en/security/responsible-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://trust.salesforce.com/en/security/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Samsung_Mobile",
"cnaID": "CNA-2021-0001",
"organizationName": "Samsung Mobile",
"scope": "Samsung Mobile Galaxy products, personal computers, and related services only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "mobile.security@samsung.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://security.samsungmobile.com/securityReporting.smsb"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security.samsungmobile.com/workScope.smsb"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "South Korea"
},
{
"shortName": "sap",
"cnaID": "CNA-2017-0038",
"organizationName": "SAP SE",
"scope": "All SAP products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@sap.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.sap.com/about/trust-center/security/incident-management.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Germany"
},
{
"shortName": "Secomea",
"cnaID": "CNA-2020-0037",
"organizationName": "Secomea A/S",
"scope": "Supported Secomea products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vulnerabilityreporting@secomea.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.secomea.com/cybersecurity-advisory/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.secomea.com/cybersecurity-advisory/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Denmark"
},
{
"shortName": "schneider",
"cnaID": "CNA-2017-0009",
"organizationName": "Schneider Electric",
"scope": "All Schneider Electric products, including Proface, APC, and Eurotherm.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cpcert@se.com"
}
],
"contact": [
{
"label": "Schneider Electric security contact page",
"url": "https://www.se.com/ww/en/work/support/cybersecurity/report-a-vulnerability.jsp"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.se.com/ww/en/work/support/cybersecurity/vulnerability-policy.jsp"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "France"
},
{
"shortName": "SICK_AG",
"cnaID": "CNA-2019-0016",
"organizationName": "SICK AG",
"scope": "SICK AG issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@sick.de"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://sick.com/psirt"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://sick.com/psirt#advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Germany"
},
{
"shortName": "siemens",
"cnaID": "CNA-2017-0006",
"organizationName": "Siemens",
"scope": "Siemens issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productcert@siemens.com"
}
],
"contact": [
{
"label": "Siemens security contact page",
"url": "https://www.siemens.com/cert"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.siemens.com/global/en/products/services/cert/vulnerability-process.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.siemens.com/global/en/products/services/cert.html#SiemensSecurityAdvisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Germany"
},
{
"shortName": "SWI",
"cnaID": "CNA-2020-0015",
"organizationName": "Sierra Wireless Inc.",
"scope": "Sierra Wireless products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@sierrawireless.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.sierrawireless.com/company/iot-device-security/report-an-issue/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.sierrawireless.com/company/iot-device-security/security-bulletins/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Canada"
},
{
"shortName": "Silver_Peak",
"cnaID": "CNA-2020-0011",
"organizationName": "Silver Peak Systems, Inc.",
"scope": "Silver Peak product issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "sirt@silver-peak.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.silver-peak.com/support/user-documentation/security-advisories"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.silver-peak.com/support/user-documentation/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Simplinx",
"cnaID": "CNA-2021-0007",
"organizationName": "Simplinx Ltd.",
"scope": "Simplinx products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@simplinx.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://simplinx.com/en/vulnerability-handling-and-disclosure-process/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://simplinx.com/en/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Türkiye"
},
{
"shortName": "snyk",
"cnaID": "CNA-2017-0029",
"organizationName": "Snyk",
"scope": "Vulnerabilities in Snyk products and vulnerabilities discovered by, or reported to, Snyk that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "report@snyk.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://snyk.io/vulnerability-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://snyk.io/vuln/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Open Source",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "UK"
},
{
"shortName": "SolarWinds",
"cnaID": "CNA-2021-0027",
"organizationName": "SolarWinds",
"scope": "SolarWinds products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@solarwinds.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.solarwinds.com/information-security/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.solarwinds.com/trust-center/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "sonicwall",
"cnaID": "CNA-2018-0004",
"organizationName": "SonicWall, Inc.",
"scope": "SonicWall issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "PSIRT@sonicwall.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://psirt.global.sonicwall.com/vuln-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://psirt.global.sonicwall.com/vuln-list"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Sophos",
"cnaID": "CNA-2021-0003",
"organizationName": "Sophos Limited",
"scope": "Sophos issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-alert@sophos.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://sophos.com/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://community.sophos.com/b/security-blog/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "UK"
},
{
"shortName": "INCIBE",
"cnaID": "CNA-2020-0002",
"organizationName": "Spanish National Cybersecurity Institute, S.A. (INCIBE)",
"scope": "Root Scope: Spain organizations.
CNA Scope: Vulnerability assignment related to its vulnerability coordination role for Industrial Control Systems (ICS), Information Technologies (IT), and Internet of Things (IoT) systems issues at the national level, and vulnerabilities reported to INCIBE by Spain organizations and researchers that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-coordination@incibe.es"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy (Spanish)",
"language": "Spanish",
"url": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/asignacion-publicacion-cve"
},
{
"label": "Policy (English)",
"language": "English",
"url": "https://www.incibe.es/en/incibe-cert/early-warning/vulnerabilities/cve-assignment-publication"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories (Spanish)",
"url": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/avisos-cna"
},
{
"label": "Advisories (English)",
"url": "https://www.incibe.es/en/incibe-cert/early-warning/vulnerabilities/advisories-cna"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"CERT"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "Root"
},
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Spain"
},
{
"shortName": "Splunk",
"cnaID": "CNA-2019-0012",
"organizationName": "Splunk Inc.",
"scope": "Splunk products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "prodsec@splunk.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.splunk.com/page/securityportal"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.splunk.com/page/securityportal"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "suse",
"cnaID": "CNA-2014-0003",
"organizationName": "SUSE",
"scope": "SUSE and Rancher issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@suse.de"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.suse.com/support/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.suse.com/support/update/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Swift",
"cnaID": "CNA-2021-0004",
"organizationName": "Swift Project",
"scope": "The Swift Project only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@forums.swift.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://swift.org/support/security.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://swift.org/support/security.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "symantec",
"cnaID": "CNA-2012-0003",
"organizationName": "Symantec - A Division of Broadcom",
"scope": "Symantec Enterprise products as well as vulnerabilities in third-party software discovered by Symantec that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "symantec.psirt@broadcom.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.broadcom.com/support/security-center/vulnerability-management"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.broadcom.com/security-advisory/security-advisories-list.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Synaptics",
"cnaID": "CNA-2020-0021",
"organizationName": "Synaptics, Inc.",
"scope": "Synaptics issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@synaptics.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.synaptics.com/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Touchpad Family Advisories",
"url": "https://www.synaptics.com/products/touchpad-family"
},
{
"label": "Biomentrics Advisories",
"url": "https://www.synaptics.com/products/biometrics"
},
{
"label": "Far-Field Voice DSPs Advisories",
"url": "https://www.synaptics.com/products/far-field-voice-dsp"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "synology",
"cnaID": "CNA-2017-0012",
"organizationName": "Synology Inc.",
"scope": "Synology issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@synology.com"
}
],
"contact": [
{
"label": "Synology security contact page",
"url": "https://www.synology.com/en-global/support/security"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.synology.com/en-us/security/bounty_program"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.synology.com/en-global/security/advisory"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Taiwan"
},
{
"shortName": "BlackDuck",
"cnaID": "CNA-2021-0013",
"organizationName": "Black Duck Software, Inc.",
"scope": "All Black Duck (formerly Synopsys Software Integrity Group) products, as well as vulnerabilities in third-party software discovered by Black Duck that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@blackduck.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.blackduck.com/company/legal/vulnerability-disclosure-policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.blackduck.com/blog/category.cyrc.html#1"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "talos",
"cnaID": "CNA-2016-0017",
"organizationName": "Talos",
"scope": "Third-party products it researches.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "talos-cna@cisco.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://tools.cisco.com/security/center/resources/vendor_vulnerability_policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://talosintelligence.com/vulnerability_reports"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Tcpdump",
"cnaID": "CNA-2020-0003",
"organizationName": "Tcpdump Group",
"scope": "Tcpdump and Libpcap only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@tcpdump.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.tcpdump.org/security.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.tcpdump.org/public-cve-list.txt"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Canada"
},
{
"shortName": "tenable",
"cnaID": "CNA-2017-0023",
"organizationName": "Tenable Network Security, Inc.",
"scope": "Tenable products and third-party products it researches not covered by another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vulnreport@tenable.com"
}
],
"contact": [
{
"label": "Tenable security contact page",
"url": "https://www.tenable.com/security/report/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.tenable.com/security/report"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.tenable.com/security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "TianoCore",
"cnaID": "CNA-2020-0031",
"organizationName": "TianoCore.org",
"scope": "Software vulnerabilities related to the TianoCore Open Source.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "infosec-cna@edk2.groups.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/tianocore/tianocore.github.io/wiki/Reporting-Security-Issues"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://tianocore-docs.github.io/SecurityAdvisory/draft/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "tibco",
"cnaID": "CNA-2017-0001",
"organizationName": "TIBCO Software Inc.",
"scope": "TIBCO, Talarian, Spotfire, Data Synapse, Foresight, Kabira, Proginet, LogLogic, StreamBase, JasperSoft, and Mashery products/brands only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@tibco.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.tibco.com/security/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.tibco.com/services/support/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Tigera",
"cnaID": "CNA-2019-0011",
"organizationName": "Tigera, Inc.",
"scope": "All vulnerabilities for Calico and all of Tigera’s products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@tigera.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.projectcalico.org/vulnerability-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.projectcalico.org/security-bulletins/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Toshiba",
"cnaID": "CNA-2021-0024",
"organizationName": "Toshiba Corporation",
"scope": "Vulnerabilities related to products and services of Toshiba Group.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "hdq-toshiba-psirt@ml.toshiba.co.jp"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.global.toshiba/ww/cybersecurity/corporate/psirt.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.global.toshiba/ww/cybersecurity/corporate/psirt.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "jpcert",
"organizationName": "JPCERT/CC"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Japan"
},
{
"shortName": "TR-CERT",
"cnaID": "CNA-2021-0034",
"organizationName": "TR-CERT (Computer Emergency Response Team of the Republic of Türkiye)",
"scope": "Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@usom.gov.tr"
}
],
"contact": [
{
"label": "Report a Vulnerability (Turkish)",
"language": "Turkish",
"url": "https://www.usom.gov.tr/zafiyet"
},
{
"label": "Report a Vulnerability (English)",
"language": "English",
"url": "https://www.usom.gov.tr/en/vulnerability"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy (Turkish)",
"language": "Turkish",
"url": "https://www.usom.gov.tr/zafiyet-bildirim-politikasi"
},
{
"label": "Policy (English)",
"language": "English",
"url": "https://www.usom.gov.tr/en/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories (Turkish)",
"language": "Turkish",
"url": "https://www.usom.gov.tr/bildirim"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"CERT"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Türkiye"
},
{
"shortName": "trendmicro",
"cnaID": "CNA-2017-0017",
"organizationName": "Trend Micro, Inc.",
"scope": "Trend Micro supported products, including any end-of-life products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@trendmicro.com"
}
],
"contact": [
{
"label": "Trend Micro security contact page",
"url": "https://success.trendmicro.com/vulnerability-response"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://success.trendmicro.com/vulnerability-response"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://success.trendmicro.com/vulnerability-response#report"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Japan"
},
{
"shortName": "twcert",
"cnaID": "CNA-2018-0012",
"organizationName": "TWCERT/CC",
"scope": "Vulnerability assignment related to its vulnerability coordination role.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@cert.org.tw"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy (Chinese)",
"language": "Chinese",
"url": "https://twcert-official-file.s3.hicloud.net.tw/CNA/TWCERTCC%E6%BC%8F%E6%B4%9E%E6%8F%AD%E9%9C%B2%E6%94%BF%E7%AD%96.pdf"
},
{
"label": "Policy (English)",
"language": "English",
"url": "https://twcert-official-file.s3.hicloud.net.tw/CNA/TWCERTCC_Vulnerability_Disclosure_Policy.pdf"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories (Chinese)",
"url": "https://www.twcert.org.tw/tw/lp-132-1.html"
},
{
"label": "Advisories (English)",
"url": "https://www.twcert.org.tw/en/lp-139-2.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"CERT"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Taiwan"
},
{
"shortName": "Vaadin",
"cnaID": "CNA-2021-0015",
"organizationName": "Vaadin Ltd.",
"scope": "All Vaadin products and supported open source projects hosted at https://github.com/vaadin.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@vaadin.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://vaadin.com/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://vaadin.com/security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Finland"
},
{
"shortName": "Vivo",
"cnaID": "CNA-2020-0008",
"organizationName": "Vivo Mobile Communication Co., Ltd.",
"scope": "Vivo issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@vivo.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.vivo.com/en/activity/security-advisory"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.vivo.com/en/activity/security-advisory"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "China"
},
{
"shortName": "vmware",
"cnaID": "CNA-2016-0025",
"organizationName": "VMware by Broadcom",
"scope": "VMware, Spring, and Cloud Foundry issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vmware.psirt@broadcom.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.broadcom.com/support/vmware-services/security-response"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.broadcom.com/support/vmware-security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Mend",
"cnaID": "CNA-2020-0035",
"organizationName": "Mend",
"scope": "Vulnerabilities in Mend (formerly WhiteSource) products and vulnerabilities in third-party software discovered by Mend that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vulnerabilitylab@mend.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.mend.io/vulnerability-database/disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.mend.io/vulnerability-database/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Wordfence",
"cnaID": "CNA-2021-0022",
"organizationName": "Wordfence",
"scope": "WordPress Plugins, Themes, and Core Vulnerabilities discovered by, or reported to, the Wordfence/Defiant team.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-request@wordfence.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.wordfence.com/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.wordfence.com/blog/category/vulnerabilities/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "WPScan",
"cnaID": "CNA-2021-0002",
"organizationName": "WPScan",
"scope": "WordPress core, plugins, and themes.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "contact@wpscan.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://wpscan.com/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Word Press Advisories",
"url": "https://wpscan.com/wordpresses"
},
{
"label": "Word Press Plug In Advisories",
"url": "https://wpscan.com/plugins"
},
{
"label": "Word Press Theme Advisories",
"url": "https://wpscan.com/themes"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "France"
},
{
"shortName": "XEN",
"cnaID": "CNA-2021-0009",
"organizationName": "Xen Project",
"scope": "All sub-projects under Xen Project’s umbrella (see Xen Project Teams), except those sub-projects that have their own security response process; and the Xen components inside other projects, where Xen Project is the primary developer.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@xen.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://xenproject.org/developers/security-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://xenbits.xen.org/xsa/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "UK"
},
{
"shortName": "Xiaomi",
"cnaID": "CNA-2020-0019",
"organizationName": "Xiaomi Technology Co., Ltd.",
"scope": "Xiaomi issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@xiaomi.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://trust.mi.com/misrc/response"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://trust.mi.com/misrc/bulletins"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "China"
},
{
"shortName": "Xylem",
"cnaID": "CNA-2021-0006",
"organizationName": "Xylem",
"scope": "Xylem products and technologies only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product.security@xyleminc.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.xylem.com/en-us/about-xylem/cybersecurity/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.xylem.com/en-us/about-xylem/cybersecurity/advisories?page=1&pagesize=24&categories=1324"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "yandex",
"cnaID": "CNA-2016-0018",
"organizationName": "Yandex N.V.",
"scope": "Yandex issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "browser-security@yandex-team.ru"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://yandex.com/bugbounty/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://cloud.yandex.com/docs/overview/security-bulletins/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Russia"
},
{
"shortName": "Zabbix",
"cnaID": "CNA-2020-0022",
"organizationName": "Zabbix",
"scope": "Zabbix products and Zabbix projects listed on https://git.zabbix.com/ only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@zabbix.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.zabbix.com/zabbix_security_policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.zabbix.com/projects/ZBX/issues/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Latvia"
},
{
"shortName": "zephyr",
"cnaID": "CNA-2017-0032",
"organizationName": "Zephyr Project",
"scope": "Zephyr project components, and vulnerabilities that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vulnerabilities@zephyrproject.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://docs.zephyrproject.org/latest/security/security-overview.html#security-vulnerability-reporting"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://docs.zephyrproject.org/latest/security/vulnerabilities.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "zdi",
"cnaID": "CNA-2017-0018",
"organizationName": "Zero Day Initiative",
"scope": "Products and projects covered by its bug bounty programs that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "zdi-disclosures@trendmicro.com"
}
],
"contact": [
{
"label": "ZDI contact page",
"url": "https://www.zerodayinitiative.com/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.zerodayinitiative.com/advisories/disclosure_policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.zerodayinitiative.com/advisories/published/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Bug Bounty Provider"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Japan"
},
{
"shortName": "Zoom",
"cnaID": "CNA-2021-0016",
"organizationName": "Zoom Communications, Inc.",
"scope": "Zoom and Keybase issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-reports@zoom.us"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://zoom.us/docs/en-us/trust/vulnerability-disclosure.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://zoom.us/trust/security/security-bulletin"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Zscaler",
"cnaID": "CNA-2020-0009",
"organizationName": "Zscaler, Inc.",
"scope": "Zscaler issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@zscaler.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.zscaler.com/company/vulnerability-disclosure-program"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://trust.zscaler.com/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "ZTE",
"cnaID": "CNA-2017-0019",
"organizationName": "ZTE Corporation",
"scope": "ZTE products only.",
"contact": [
{
"email": [],
"contact": [],
"form": [
{
"label": "ZTE PSIRT contact form",
"url": "https://www.zte.com.cn/global/cybersecurity/ztepsirt.html"
}
]
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.zte.com.cn/global/cybersecurity/ztepsirt/bug-bounty/products.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "http://support.zte.com.cn/support/news/NewsMain.aspx"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "China"
},
{
"shortName": "Zyxel",
"cnaID": "CNA-2021-0023",
"organizationName": "Zyxel Corporation",
"scope": "Zyxel products issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@zyxel.com.tw"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.zyxel.com/support/security_advisories.shtml"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.zyxel.com/support/security_advisories.shtml"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Taiwan"
},
{
"shortName": "Snow",
"cnaID": "CNA-2021-0036",
"organizationName": "Snow Software",
"scope": "All Snow Software products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@snowsoftware.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://www.snowsoftware.com/seo/snow-responsible-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://community.snowsoftware.com/s/group/0F91r000000QUhPCAW/news-updates"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Sweden"
},
{
"shortName": "LGE",
"cnaID": "CNA-2021-0037",
"organizationName": "LG Electronics",
"scope": "LG Electronics products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product.security@lge.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://lgsecurity.lge.com/reporting"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Security Bulletins",
"url": "https://lgsecurity.lge.com/bulletins"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "South Korea"
},
{
"shortName": "Censys",
"cnaID": "CNA-2021-0035",
"organizationName": "Censys",
"scope": "All Censys products, and vulnerabilities discovered by Censys that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@censys.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://censys.io/vulnerability-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://censys.io/blog"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "PingIdentity",
"cnaID": "CNA-2021-0042",
"organizationName": "Ping Identity Corporation",
"scope": "All Ping Identity products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Ping Identity that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "responsible-disclosure@pingidentity.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://www.pingidentity.com/en/company/security-at-ping-identity.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.pingidentity.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Hosted Service",
"Researcher",
"Bug Bounty Provider"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Palantir",
"cnaID": "CNA-2021-0041",
"organizationName": "Palantir Technologies",
"scope": "Palantir products and technologies only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-coordination@palantir.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://palantir.com/responsible-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.palantir.com/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "M-Files",
"cnaID": "CNA-2021-0038",
"organizationName": "M-Files Corporation",
"scope": "M-Files and Hubshare products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@m-files.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://www.m-files.com/company/trust-center/vulnerability-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://product.m-files.com/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Finland"
},
{
"shortName": "JFrog",
"cnaID": "CNA-2021-0039",
"organizationName": "JFrog",
"scope": "All JFrog products (supported products and end-of-life/end-of-service products); vulnerabilities in third-party software discovered by JFrog that are not in another CNA’s scope; and vulnerabilities in third-party software discovered by external researchers and disclosed to JFrog (includes any embedded devices and their associated mobile applications) that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@jfrog.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://jfrog.com/trust/report-vulnerability/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.jfrog.com/confluence/display/RTF/Fixed+Security+Vulnerabilities"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Israel"
},
{
"shortName": "NCSC.ch",
"cnaID": "CNA-2021-0040",
"organizationName": "Switzerland National Cyber Security Centre (NCSC)",
"scope": "Switzerland Government Common Vulnerability Program.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vulnerability@ncsc.ch"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-it-spezialisten/themen/schwachstelle-melden.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-it-spezialisten/themen/schwachstelle-melden/advisories.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"CERT"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Switzerland"
},
{
"shortName": "MediaTek",
"cnaID": "CNA-2021-0043",
"organizationName": "MediaTek, Inc.",
"scope": "MediaTek product issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@mediatek.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://corp.mediatek.com/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://corp.mediatek.com/product-security-bulletin"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Taiwan"
},
{
"shortName": "THA-PSIRT",
"cnaID": "CNA-2021-0045",
"organizationName": "Thales Group",
"scope": "Root Scope: Products and technologies of subsidiaries of Thales Group.
CNA Scope: Thales branded products and technologies, products and technologies of subsidiaries of Thales Group, unless covered by the scope of another CNA as well as vulnerabilities in third-party software discovered by Thales Group and subsidiaries that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@thalesgroup.com"
}
],
"contact": [
{
"label": "Customer Support Portal",
"url": "https://supportportal.thalesgroup.com/csm"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://www.thalesgroup.com/en/global/group/psirt"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://cpl.thalesgroup.com/software-monetization/security-updates"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"role": [
"Root",
"CNA"
],
"type": [
"Vendor",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "Root"
},
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "France"
},
{
"shortName": "GovTech_CSG",
"cnaID": "CNA-2021-0044",
"organizationName": "Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)",
"scope": "Vulnerabilities discovered by GovTech CSG only that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve_disclosure@tech.gov.sg"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://govtech-csg.github.io/security-advisories/disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://govtech-csg.github.io/security-advisories/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Singapore"
},
{
"shortName": "Yugabyte",
"cnaID": "CNA-2021-0047",
"organizationName": "Yugabyte, Inc.",
"scope": "Yugabyte products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@yugabyte.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://docs.yugabyte.com/latest/secure/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://docs.yugabyte.com/latest/secure/vulnerability-disclosure-policy/#security-tracker-cve-list"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Hosted Service",
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "ForgeRock",
"cnaID": "CNA-2021-0046",
"organizationName": "ForgeRock, Inc.",
"scope": "ForgeRock issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@forgerock.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://www.forgerock.com/vulnerability-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://backstage.forgerock.com/knowledge/kb/book/b21824339"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "ASUSTOR",
"cnaID": "CNA-2021-0048",
"organizationName": "ASUSTOR, Inc.",
"scope": "ASUSTOR issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@asustor.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.asustor.com/security/security_advisory"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.asustor.com/security/security_advisory"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Taiwan"
},
{
"shortName": "Okta",
"cnaID": "CNA-2021-0049",
"organizationName": "Okta",
"scope": "Okta issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@okta.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.okta.com/vulnerability-reporting-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://trust.okta.com/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "CERT-In",
"cnaID": "CNA-2021-0050",
"organizationName": "Indian Computer Emergency Response Team (CERT-In)",
"scope": "Vulnerability coordination for vulnerabilities in all products reported to CERT-In in accordance with our vulnerability coordination role as a CERT. Vulnerability assignments for vulnerabilities impacting all products designed, developed, and manufactured in India.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vdisclose@cert-in.org.in"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.cert-in.org.in/RVDCP.jsp"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.cert-in.org.in/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"CERT"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "India"
},
{
"shortName": "WDC_PSIRT",
"cnaID": "CNA-2021-0051",
"organizationName": "Western Digital",
"scope": "Western Digital products including WD, SanDisk, SanDisk Professional, G-Technology, and HGST only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@wdc.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.westerndigital.com/support/productsecurity/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.westerndigital.com/support/productsecurity"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "AppCheck",
"cnaID": "CNA-2021-0052",
"organizationName": "AppCheck Ltd.",
"scope": "Vulnerabilities discovered by AppCheck that are not within another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "info@appcheck-ng.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://appcheck-ng.com/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://appcheck-ng.com/category/security-alerts/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "UK"
},
{
"shortName": "Acronis",
"cnaID": "CNA-2021-0053",
"organizationName": "Acronis International GmbH",
"scope": "All Acronis products, including Acronis Cyber Protect, Acronis Cyber Protect Home Office, Acronis DeviceLock DLP, and Acronis Snap Deploy.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@acronis.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://hackerone.com/acronis"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security-advisory.acronis.com/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Switzerland"
},
{
"shortName": "Carrier",
"cnaID": "CNA-2021-0054",
"organizationName": "Carrier Global Corporation",
"scope": "Carrier Global products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productsecurity@carrier.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.corporate.carrier.com/product-security/reporting-response-disclosures/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.corporate.carrier.com/product-security/advisories-resources/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Hosted Service",
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "PandoraFMS",
"cnaID": "CNA-2021-0055",
"organizationName": "Pandora FMS",
"scope": "Pandora FMS, Pandora ITSM, and Pandora RC issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@pandorafms.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://pandorafms.com/en/security/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://pandorafms.com/common-vulnerabilities-and-exposures/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "INCIBE",
"organizationName": "Spanish National Cybersecurity Institute, S.A. (INCIBE)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Spain"
},
{
"shortName": "Silabs",
"cnaID": "CNA-2021-0056",
"organizationName": "Silicon Labs",
"scope": "Silicon Labs issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product-security@silabs.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.silabs.com/security/security-vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://siliconlabs.force.com/s/alert/Alert__c/00B1M000009sQ4R"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Panasonic_Holdings_Corporation",
"cnaID": "CNA-2021-0057",
"organizationName": "Panasonic Holdings Corporation",
"scope": "All products and services developed and/or sold by Panasonic Group companies.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product-security@gg.jp.panasonic.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.panasonic.com/global/corporate/product-security/sec/psirt/policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.panasonic.com/global/corporate/product-security/sec/psirt/advisories.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "jpcert",
"organizationName": "JPCERT/CC"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Japan"
},
{
"shortName": "ZGR",
"cnaID": "CNA-2021-0058",
"organizationName": "ZGR",
"scope": "ZGR manufactured products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@zigor.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.zigor.com/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.zigor.com/list-of-vulnerabilities/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "INCIBE",
"organizationName": "Spanish National Cybersecurity Institute, S.A. (INCIBE)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Spain"
},
{
"shortName": "Profelis",
"cnaID": "CNA-2021-0059",
"organizationName": "Profelis IT Consultancy",
"scope": "Products and services developed by Profelis IT Consultancy including enterprise directory solution SambaBox and password reset product PassBox.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@profelis.com.tr"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "Turkish",
"url": "https://www.profelis.com.tr/politikalar/gizlilik-politikamiz/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "Turkish",
"url": "https://www.profelis.com.tr/politikalar/bilgi-guvenligi-politikamiz/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Türkiye"
},
{
"shortName": "TeamViewer",
"cnaID": "CNA-2021-0060",
"organizationName": "TeamViewer Germany GmbH",
"scope": "TeamViewer issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@teamviewer.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://vdp.teamviewer.com"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.teamviewer.com/en/trust-center/security-bulletins/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Germany"
},
{
"shortName": "Vulnscope",
"cnaID": "CNA-2001-0061",
"organizationName": "Vulnscope Technologies",
"scope": "Provides CVE IDs for customers as part of our bug bounty and vulnerability coordination platform.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "certificados@vulnscope.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "Spanish",
"url": "https://www.vulnscope.com/politicas-de-divulgacion"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "Spanish",
"url": "https://www.vulnscope.com/vulnscope"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Bug Bounty Provider"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Chile"
},
{
"shortName": "Mirantis",
"cnaID": "CNA-2001-0062",
"organizationName": "Mirantis",
"scope": "All Mirantis products (supported products and end-of-life/end-of-service products) and open source offerings, as well as vulnerabilities in third-party software discovered by Mirantis that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@mirantis.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/Mirantis/security/blob/main/vulnerability-disclosure-policy.md"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/Mirantis/security/blob/main/advisories/advisories.md"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "VulDB",
"cnaID": "CNA-2001-0063",
"organizationName": "VulDB",
"scope": "Vulnerabilities in VulDB products and vulnerabilities discovered by, or reported to, the VulDB vulnerability database that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@vuldb.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://vuldb.com/?doc.submission"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://vuldb.com/?cna.recent"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Switzerland"
},
{
"shortName": "FRAPPE",
"cnaID": "CNA-2001-0064",
"organizationName": "Frappe Technologies Pvt. Ltd.",
"scope": "Vulnerabilities relating to Frappe Framework, ERPNext product, erpnext.com, and frappecloud.com hosting services, as well as other vulnerabilities discovered by Frappe Technologies that are not under the scope of any other CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@erpnext.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://erpnext.com/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://erpnext.com/security/references"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Bug Bounty Provider"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "India"
},
{
"shortName": "RHINO",
"cnaID": "CNA-2001-0065",
"organizationName": "Rhino Mobility",
"scope": "Rhino Mobility issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@rhinomobility.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://support.rhinomobility.com/security/vulnerability-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.rhinomobility.com/security/releases"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "OpenBMC",
"cnaID": "CNA-2021-0066",
"organizationName": "The OpenBMC Project",
"scope": "Vulnerabilities related to the repositories maintained by the OpenBMC project.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "openbmc-security@lists.ozlabs.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/openbmc/openbmc/wiki/Security-working-group"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/openbmc/openbmc/issues?utf8=%E2%9C%93&q=Security+Advisory"
},
{
"label": "Advisories",
"url": "https://github.com/openbmc/openbmc/security/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "DIVD",
"cnaID": "CNA-2022-0001",
"organizationName": "Dutch Institute for Vulnerability Disclosure (DIVD)",
"scope": "Vulnerabilities in software discovered by DIVD, and vulnerabilities reported to DIVD for coordinated disclosure, which are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "csirt@divd.nl"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.divd.nl/code/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://csirt.divd.nl/cves/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "Netherlands"
},
{
"shortName": "Baxter",
"cnaID": "CNA-2022-0002",
"organizationName": "Baxter Healthcare",
"scope": "Baxter’s commercially available products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productsecurity@baxter.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.baxter.com/product-security#disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.baxter.com/product-security#additionalresources"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Citrix",
"cnaID": "CNA-2022-0003",
"organizationName": "Citrix Systems, Inc.",
"scope": "Citrix issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secure@citrix.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.citrix.com/about/trust-center/vulnerability-process.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.citrix.com/securitybulletins"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "JetBrains",
"cnaID": "CNA-2022-0004",
"organizationName": "JetBrains s.r.o.",
"scope": "JetBrains products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@jetbrains.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.jetbrains.com/legal/docs/terms/coordinated-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "Czech Republic"
},
{
"shortName": "Medtronic",
"cnaID": "CNA-2022-0005",
"organizationName": "Medtronic",
"scope": "All products of Medtronic or a Medtronic company including supported products and end-of-life/end-of-service products, as well as vulnerabilities in third-party software discovered in Medtronic products that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@medtronic.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://global.medtronic.com/xg-en/product-security/coordinated-disclosure-process.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "ASRG",
"cnaID": "CNA-2022-0006",
"organizationName": "Automotive Security Research Group (ASRG)",
"scope": "All automotive and related infrastructure vulnerabilities that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@asrg.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.asrg.io/disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.asrg.io/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "Netskope",
"cnaID": "CNA-2022-0007",
"organizationName": "Netskope",
"scope": "All Netskope products and services.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@netskope.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.netskope.com/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Go",
"cnaID": "CNA-2022-0008",
"organizationName": "Go Project",
"scope": "Vulnerabilities in software published by the Go Project (including the Go standard library, Go toolchain, and the golang.org modules) and publicly disclosed vulnerabilities in publicly importable packages in the Go ecosystem, unless covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@golang.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://go.dev/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://pkg.go.dev/vuln/list"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "Google",
"organizationName": "Google LLC"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "GE_Vernova",
"cnaID": "CNA-2022-0009",
"organizationName": "GE Vernova",
"scope": "All GE Vernova products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "GEV.PSIRT@ge.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.gevernova.com/gas-power/products/digital-and-controls/cybersecurity/vulnerability-response"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.gevernova.com/gas-power/products/digital-and-controls/cybersecurity/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "ZUSO_ART",
"cnaID": "CNA-2022-0010",
"organizationName": "ZUSO Advanced Research Team (ZUSO ART)",
"scope": "Vulnerabilities in third-party products discovered by ZUSO ART that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "ART@zuso.ai"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://zuso.ai/Policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://zuso.ai/Advisory.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "Taiwan"
},
{
"shortName": "Anolis",
"cnaID": "CNA-2022-0011",
"organizationName": "OpenAnolis",
"scope": "OpenAnolis issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@openanolis.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://openanolis.cn/sig/security-committee/doc/479850544775086233"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://anas.openanolis.cn/errata"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "China"
},
{
"shortName": "Philips",
"cnaID": "CNA-2022-0012",
"organizationName": "Philips",
"scope": "Philips issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productsecurity@philips.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.philips.com/a-w/security/coordinated-vulnerability-disclosure.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.philips.com/a-w/security/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "Netherlands"
},
{
"shortName": "HYPR",
"cnaID": "CNA-2022-0013",
"organizationName": "HYPR Corp",
"scope": "All HYPR products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@hypr.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.hypr.com/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.hypr.com/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Hitachi",
"cnaID": "CNA-2022-0014",
"organizationName": "Hitachi, Ltd.",
"scope": "Hitachi products excluding Hitachi Energy and Hitachi Vantara products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "hirt@hitachi.co.jp"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.hitachi.com/hirt/publications/hirt-pub10008"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.hitachi.com/hirt/security/security.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "jpcert",
"organizationName": "JPCERT/CC"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Japan"
},
{
"shortName": "Hallo_Welt",
"cnaID": "CNA-2022-0015",
"organizationName": "Hallo Welt! GmbH",
"scope": "BlueSpice vulnerabilities only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@bluespice.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://bluespice.com/filebase/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://en.wiki.bluespice.com/wiki/Security:Security_Advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Germany"
},
{
"shortName": "SailPoint",
"cnaID": "CNA-2022-0016",
"organizationName": "SailPoint Technologies",
"scope": "SailPoint issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@sailpoint.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.sailpoint.com/legal/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.sailpoint.com/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Hitachi_Vantara",
"cnaID": "CNA-2022-0017",
"organizationName": "Hitachi Vantara",
"scope": "All Hitachi Vantara products and technologies.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security.vulnerabilities@hitachivantara.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://knowledge.hitachivantara.com/Security/Hitachi_Vantara_Vulnerability_Disclosure_Policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories 1",
"url": "https://www.hitachi.com/hirt/security/security.html"
},
{
"label": "Advisories 2",
"url": "https://knowledge.hitachivantara.com/Security"
},
{
"label": "Known Vulnerability Updates",
"url": "https://support.pentaho.com/hc/en-us/categories/360003921092--Known-Vulnerability-Updates"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "GE_Healthcare",
"cnaID": "CNA-2022-0018",
"organizationName": "GE Healthcare",
"scope": "GE Healthcare products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "CVD@gehealthcare.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.gehealthcare.com/security/cvd"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Public Advisories",
"url": "https://www.gehealthcare.com/security"
},
{
"label": "Registered Customer Portal Advisories",
"url": "https://securityupdate.gehealthcare.com"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "openGauss",
"cnaID": "CNA-2022-0019",
"organizationName": "openGauss Community",
"scope": "openGauss issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "securities@opengauss.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://opengauss.org/zh/security.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://opengauss.org/en/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source"
]
},
"country": "China"
},
{
"shortName": "FULL",
"cnaID": "CNA-2022-0020",
"organizationName": "FULL INTERNET",
"scope": "All FULL products, as well as vulnerabilities in third-party software discovered by FULL that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-full@somosafull.com.br"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://security.fullstackagency.club/enviar-vulnerabilidade/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security.fullstackagency.club/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Bug Bounty Provider",
"Hosted Service",
"Vendor",
"Researcher"
]
},
"country": "Brazil"
},
{
"shortName": "The_Missing_Link",
"cnaID": "CNA-2022-0021",
"organizationName": "The Missing Link Australia (TML)",
"scope": "TML vulnerability disclosure policy applies to any third-party vendor products to whom TML will assign the CVEs for vulnerabilities, if the product is not a part of another CNA scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vdp@themissinglink.com.au"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.themissinglink.com.au/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.themissinglink.com.au/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "Australia"
},
{
"shortName": "NCSC-NL",
"cnaID": "CNA-2022-0022",
"organizationName": "National Cyber Security Centre Netherlands (NCSC-NL)",
"scope": "Vulnerabilities in software discovered by NCSC-NL, and vulnerabilities reported to NCSC-NL for coordinated disclosure, which are not in another CNA's scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cert@ncsc.nl"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "Dutch",
"url": "https://www.ncsc.nl/contact/kwetsbaarheid-melden"
},
{
"label": "Policy",
"language": "English",
"url": "https://english.ncsc.nl/contact/reporting-a-vulnerability-cvd"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.ncsc.nl/actueel/beveiligingsadviezen"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"CERT"
]
},
"country": "Netherlands"
},
{
"shortName": "Dassault_Systemes",
"cnaID": "CNA-2022-0023",
"organizationName": "Dassault Systèmes",
"scope": "All websites of the corporate group and of any subsidiaries, including but not limited to www.3ds.com and www.solidworks.com; all Software as a Service solutions, such as 3DEXPERIENCE or ScienceCloud, but also any online hosting linked to our brands; and all Dassault Systèmes licensed software products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "3DS.Information-Security@3ds.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.3ds.com/vulnerability"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.3ds.com/vulnerability/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "France"
},
{
"shortName": "KNIME",
"cnaID": "CNA-2022-0024",
"organizationName": "KNIME AG",
"scope": "All vulnerabilities on software products that our company provides, including KNIME Analytics Platform, KNIME Server, and KNIME Hub.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@knime.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.knime.com/security/policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.knime.com/security/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Switzerland"
},
{
"shortName": "Unisoc",
"cnaID": "CNA-2022-0025",
"organizationName": "Unisoc (Shanghai) Technologies Co., Ltd.",
"scope": "Unisoc issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@unisoc.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://www.unisoc.com/en_us/secy/flawedPolicy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "English",
"url": "https://www.unisoc.com/en_us/secy/announcement"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "China"
},
{
"shortName": "OpenHarmony",
"cnaID": "CNA-2022-0026",
"organizationName": "OpenHarmony",
"scope": "openHarmony issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "scy@openharmony.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "English",
"url": "https://gitee.com/openharmony/security/tree/master/en/security-process"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "English",
"url": "https://gitee.com/openharmony/security/tree/master/en/security-disclosure"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source"
]
},
"country": "China"
},
{
"shortName": "Crestron",
"cnaID": "CNA-2022-0027",
"organizationName": "Crestron Electronics, Inc.",
"scope": "Crestron products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "support@crestron.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.crestron.com/Security/Report-A-Product-Vulnerability"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.crestron.com/Security/Security_Advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Rockwell",
"cnaID": "CNA-2022-0028",
"organizationName": "Rockwell Automation",
"scope": "All Rockwell Automation products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "PSIRT@rockwellautomation.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1136474"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/54102"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "OpenNMS",
"cnaID": "CNA-2022-0029",
"organizationName": "The OpenNMS Group",
"scope": "OpenNMS issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@opennms.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.opennms.com/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://www.opennms.com/en/blog/category/blog/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "Dragos",
"cnaID": "CNA-2022-0030",
"organizationName": "Dragos, Inc.",
"scope": "Dragos products and third-party products it researches related to operational technology (OT)/industrial control systems (ICS) not covered by another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "ot-cert@dragos.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.dragos.com/vulnerabilities-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.dragos.com/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "CyberArk",
"cnaID": "CNA-2022-0031",
"organizationName": "CyberArk Labs",
"scope": "Vulnerabilities discovered by CyberArk Labs that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "CyberarkLabs@Cyberark.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://labs.cyberark.com/coordinated-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://labs.cyberark.com/cyberark-labs-security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "Israel"
},
{
"shortName": "DualVS",
"cnaID": "CNA-2022-0032",
"organizationName": "Dual Vipers LLC",
"scope": "Dual Vipers projects and products (both open and closed source), as well as vulnerabilities in third-party software discovered by Dual Vipers that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "bugs@dualvs.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://advisory.dualvs.com/VDP.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://advisory.dualvs.com"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Hosted Service",
"Open Source",
"Researcher",
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Bugcrowd",
"cnaID": "CNA-2022-0033",
"organizationName": "Bugcrowd Inc.",
"scope": "Vulnerabilities discovered by researchers in collaboration with Bugcrowd, with approval of Bugcrowd’s clients, and not in the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-coordinator@bugcrowd.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://bugcrowd.com/bugcrowd"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://bugcrowd.com/crowdstream?filter=disclosures"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Bug Bounty Provider",
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "SK-CERT",
"cnaID": "CNA-2022-0034",
"organizationName": "National Cyber Security Centre SK-CERT",
"scope": "Vulnerabilities in software discovered by National Cyber Security Centre SK-CERT, and vulnerabilities reported to National Cyber Security Centre SK-CERT for coordinated disclosure, which are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "incident@nbu.gov.sk"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.sk-cert.sk/wp-content/uploads/2019/10/Vulnerability_reporting.pdf"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://www.sk-cert.sk/threat/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"CERT"
]
},
"country": "Slovak Republic"
},
{
"shortName": "Baicells",
"cnaID": "CNA-2022-0035",
"organizationName": "Baicells Technologies Co., Ltd.",
"scope": "All Baicells products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@baicells.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://baicells.zendesk.com/hc/en-us/articles/5000517141396-Vulnerability-Disclosure-Policy-"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://baicells.zendesk.com/hc/en-us/sections/206436107-Security-Vulnerability-Notices"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "China"
},
{
"shortName": "NetRise",
"cnaID": "CNA-2022-0036",
"organizationName": "NetRise",
"scope": "Vulnerabilities in third-party Extended Internet of Things (XIoT) devices and firmware NetRise researches that are not covered by another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "research@netrise.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.netrise.io/hubfs/resources/Vuln%20Disclosure%20Policy%20v1.pdf?hsLang=en"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.netrise.io/security/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "HashiCorp",
"cnaID": "CNA-2022-0037",
"organizationName": "HashiCorp Inc.",
"scope": "All HashiCorp products and projects unless covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@hashicorp.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.hashicorp.com/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://discuss.hashicorp.com/c/security/52"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "OpenCloudOS",
"cnaID": "CNA-2022-0038",
"organizationName": "OpenCloudOS Community",
"scope": "OpenCloud OS issues only, not including EOL products, unless covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@opencloudos.tech"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://docs.opencloudos.org/security/security_vulnerability_management/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://www.opencloudos.org/?page_id=573"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source"
]
},
"country": "China"
},
{
"shortName": "GreenRocketSecurity",
"cnaID": "CNA-2022-0039",
"organizationName": "Green Rocket Security Inc.",
"scope": "Green Rocket Security products including EOL unless covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "info@greenrocketsecurity.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://greenrocketsecurity.com/disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://www.greenrocketsecurity.com/resources/security-updates/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Seagate",
"cnaID": "CNA-2022-0040",
"organizationName": "Seagate Technology",
"scope": "Any Seagate or LaCie software or hardware, open or closed source, supported and end of life, as well as any vulnerabilities in third-party software discovered by Seagate that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@seagate.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.seagate.com/legal-privacy/responsible-vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://www.seagate.com/support/security/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "senhasegura",
"cnaID": "CNA-2022-0041",
"organizationName": "senhasegura",
"scope": "Vulnerabilities in senhasegura products, and other vulnerabilities discovered by senhasegura that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@senhasegura.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://docs.senhasegura.io/security-guidance/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://docs.senhasegura.io/security-center-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "Brazil"
},
{
"shortName": "KrakenD",
"cnaID": "CNA-2022-0042",
"organizationName": "KrakenD, S.L.",
"scope": "KrakenD EE, KrakenD CE, and Lura issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@krakend.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.krakend.io/security-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://www.krakend.io/tags/security/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "INCIBE",
"organizationName": "Spanish National Cybersecurity Institute, S.A. (INCIBE)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "Spain"
},
{
"shortName": "ONEKEY",
"cnaID": "CNA-2022-0043",
"organizationName": "ONEKEY GmbH",
"scope": "All ONEKEY products and vulnerabilities in third-party software discovered by ONEKEY that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "research@onekey.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://onekey.com/resposible-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://onekey.com/research/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "Germany"
},
{
"shortName": "Zowe",
"cnaID": "CNA-2022-0044",
"organizationName": "Zowe",
"scope": "Vulnerabilities in Zowe.org open source projects.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "zowe-security@lists.openmainframeproject.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://zowe.org/security.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://github.com/zowe/community/security/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "Honor",
"cnaID": "CNA-2022-0045",
"organizationName": "Honor Device Co., Ltd.",
"scope": "Vulnerabilities in Honor products and services unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@hihonor.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.hihonor.com/global/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://www.hihonor.com/global/security/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "China"
},
{
"shortName": "Honeywell",
"cnaID": "CNA-2022-0046",
"organizationName": "Honeywell International Inc.",
"scope": "All Honeywell products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@honeywell.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.honeywell.com/us/en/product-security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://sps.honeywell.com/us/en/support/productivity/cyber-security-notifications"
},
{
"label": "EOL & Security Notices",
"url": "https://buildings.honeywell.com/us/en/brands/our-brands/security/support-and-resources/product-resources/eol-and-security-notices"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Qualys",
"cnaID": "CNA-2022-0047",
"organizationName": "Qualys, Inc.",
"scope": "All Qualys products and vulnerabilities discovered by Qualys that are not covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "bugreport@qualys.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.qualys.com/docs/responsible-disclosure-policy.pdf"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://www.qualys.com/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "GRAFANA",
"cnaID": "CNA-2022-0048",
"organizationName": "Grafana Labs",
"scope": "All Grafana Labs open source and commercial products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-team@grafana.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://grafana.com/security.txt"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://grafana.com/security/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "wolfSSL",
"cnaID": "CNA-2022-0049",
"organizationName": "wolfSSL Inc.",
"scope": "Transport Layer Security (TLS) and Cryptographic issues found in wolfSSL products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "facts@wolfssl.com"
}
],
"contact": [
{
"label": "wolfSSL Security Vulnerabilities page",
"url": "https://www.wolfssl.com/docs/security-vulnerabilities/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.wolfssl.com/docs/security-vulnerabilities/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://www.wolfssl.com/docs/security-vulnerabilities/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "Docker",
"cnaID": "CNA-2022-0050",
"organizationName": "Docker Inc.",
"scope": "All Docker products, including Docker Desktop and Docker Hub, as well as Docker maintained open source projects.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@docker.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.docker.com/trust/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://docs.docker.com/security/"
},
{
"label": "Desktop Release Notes",
"language": "",
"url": "https://docs.docker.com/desktop/release-notes/"
},
{
"label": "Engine Release Notes",
"language": "",
"url": "https://docs.docker.com/engine/release-notes/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "Proofpoint",
"cnaID": "CNA-2022-0051",
"organizationName": "Proofpoint Inc.",
"scope": "All Proofpoint products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@proofpoint.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.proofpoint.com/us/security/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://proofpoint.com/security/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Hosted Service",
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Baidu",
"cnaID": "CNA-2022-0052",
"organizationName": "Baidu, Inc.",
"scope": "Projects listed on Baidu’s PaddlePaddle GitHub website only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "paddle-security@baidu.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/PaddlePaddle/Paddle/security/policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://github.com/PaddlePaddle/Paddle/tree/develop/security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "China"
},
{
"shortName": "Canon",
"cnaID": "CNA-2022-0054",
"organizationName": "Canon Inc.",
"scope": "Vulnerabilities in products and services designed and developed by Canon Inc.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Canon PSIRT Report a Product Security Issue page",
"url": "https://psirt.canon/vulnerability-report-form/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://psirt.canon/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://psirt.canon/advisory-information/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "jpcert",
"organizationName": "JPCERT/CC"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Japan"
},
{
"shortName": "Checkmk",
"cnaID": "CNA-2022-0055",
"organizationName": "Checkmk GmbH",
"scope": "All products of Checkmk GmbH including Checkmk and Checkmk Appliance, Nagvis, Robotmk, and packages published on exchange.checkmk.com.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@checkmk.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://checkmk.com/responsible-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://checkmk.com/werks"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "Germany"
},
{
"shortName": "dotCMS",
"cnaID": "CNA-2023-0001",
"organizationName": "dotCMS LLC",
"scope": "All dotCMS product services including the vulnerabilities reported in our open source core located at https://github.com/dotCMS/core.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@dotcms.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.dotcms.com/docs/latest/responsible-disclosure-policy"
},
{
"label": "Reporting Issues",
"language": "",
"url": "https://www.dotcms.com/docs/latest/security-and-privacy#:~:text=dotCMS%20will%20disclose%20all%20issues,fix%20the%20reported%20security%20issue"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://www.dotcms.com/docs/latest/known-security-issues"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Hosted Service"
]
},
"country": "USA"
},
{
"shortName": "DHIS2",
"cnaID": "CNA-2023-0002",
"organizationName": "The HISP Centre at the University of Oslo",
"scope": "Security issues in DHIS2 open source web and mobile software applications.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@dhis2.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://dhis2.org/security/vulnerability-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://dhis2.org/security/vulnerabilities/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "Norway"
},
{
"shortName": "NI",
"cnaID": "CNA-2023-0003",
"organizationName": "National Instruments",
"scope": "NI products only (including National Instruments).",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@ni.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://ni.com/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://www.ni.com/en-us/support/documentation/supplemental/11/available-critical-and-security-updates-for-ni-software.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Genetec",
"cnaID": "CNA-2023-0004",
"organizationName": "Genetec Inc.",
"scope": "Genetec products and solutions only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@genetec.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.genetec.com/trust-cybersecurity/resources"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://resources.genetec.com/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Hosted Service",
"Vendor"
]
},
"country": "Canada"
},
{
"shortName": "AHA",
"cnaID": "CNA-2023-0005",
"organizationName": "Austin Hackers Anonymous",
"scope": "Vulnerabilities in the AHA! website and other AHA! controlled assets, as well as vulnerabilities identified in assets owned, operated, or maintained by another organization unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@takeonme.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://takeonme.org/cve.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://takeonme.org/cve.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "XI",
"cnaID": "CNA-2023-0006",
"organizationName": "Exodus Intelligence",
"scope": "Vulnerabilities discovered by Exodus Intelligence as well as acquisitions from independent researchers via its Research Sponsorship Program (RSP).",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclosures@exodusintel.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://blog.exodusintel.com/2021/03/17/2021-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"language": "",
"url": "https://blog.exodusintel.com/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Bug Bounty Provider",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "B.Braun",
"cnaID": "CNA-2023-0007",
"organizationName": "B. Braun SE",
"scope": "B. Braun’s commercially available products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productsecurity@bbraun.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.bbraun.com/en/products-and-solutions/b--braun-product-security.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.bbraun.com/en/products-and-solutions/b--braun-product-security.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "Germany"
},
{
"shortName": "OX",
"cnaID": "CNA-2023-0008",
"organizationName": "Open-Xchange",
"scope": "Products and services provided by Open-Xchange, PowerDNS, and Dovecot.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@open-xchange.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://vdp.open-xchange.com/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source",
"Vendor"
]
},
"country": "Germany"
},
{
"shortName": "Hillstone",
"cnaID": "CNA-2023-0009",
"organizationName": "Hillstone Networks Inc.",
"scope": "Vulnerabilities in our products listed at https://www.hillstonenet.com/hillstone-networks-product-portfolio and the products we sell only in China listed at https://www.hillstonenet.com.cn/product_service/, not including our websites.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@hillstonenet.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.hillstonenet.com.cn/support-and-training/psirt"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.hillstonenet.com.cn/support-and-training/psirt/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "China"
},
{
"shortName": "STAR_Labs",
"cnaID": "CNA-2023-0010",
"organizationName": "STAR Labs SG Pte. Ltd.",
"scope": "Vulnerabilities discovered by, or reported to, STAR Labs SG that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "info@starlabs.sg"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://starlabs.sg/advisories/STAR%20Labs%20SG%20Pte.%20Ltd.%20Vulnerability%20Disclosure%20Policy.pdf"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://starlabs.sg/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "Singapore"
},
{
"shortName": "ShopBeat",
"cnaID": "CNA-2023-0011",
"organizationName": "Shop Beat Solutions (Pty) LTD",
"scope": "Vulnerabilities in Shop Beat products and services and vulnerabilities discovered by Shop Beat unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "support@shopbeat.co.za"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.shopbeat.co.za/disclosure_policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.shopbeat.co.za/security_advisory_location.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Hosted Service",
"Vendor"
]
},
"country": "South Africa"
},
{
"shortName": "SN",
"cnaID": "CNA-2023-0012",
"organizationName": "ServiceNow",
"scope": "All ServiceNow products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by ServiceNow that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@servicenow.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.servicenow.com/company/trust/privacy/responsible-disclosure.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1226057"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Hosted Service",
"Researcher",
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "WatchGuard",
"cnaID": "CNA-2023-0013",
"organizationName": "WatchGuard Technologies, Inc.",
"scope": "Vulnerabilities in all WatchGuard products and products of WatchGuard subsidiaries.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@watchguard.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.watchguard.com/wgrd-psirt/responsible-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.watchguard.com/wgrd-psirt/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "IDEMIA",
"cnaID": "CNA-2023-0014",
"organizationName": "IDEMIA",
"scope": "All IDEMIA products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by IDEMIA that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@idemia.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.idemia.com/idemia-product-security-incident-response-team-psirt"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.idemia.com/vulnerability-information"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher",
"Vendor"
]
},
"country": "France"
},
{
"shortName": "GandC",
"cnaID": "CNA-2023-0015",
"organizationName": "Glyph & Cog, LLC",
"scope": "Xpdf open source project, including the xpdf viewer and associated command line tools.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "xpdf@xpdfreader.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.xpdfreader.com/disclosure.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.xpdfreader.com/security-fixes.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "redhat",
"organizationName": "Red Hat, Inc."
},
"type": [
"Open Source",
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "Liferay",
"cnaID": "CNA-2023-0016",
"organizationName": "Liferay, Inc.",
"scope": "All Liferay supported products and end-of-life/end-of-service products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@liferay.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://liferay.dev/portal/security/reporting"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://liferay.dev/portal/security/known-vulnerabilities"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Securifera",
"cnaID": "CNA-2023-0017",
"organizationName": "Securifera, Inc.",
"scope": "Vulnerabilities in vendor products discovered by Securifera, or related parties, while performing vulnerability research or security assessments.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "contact@securifera.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.securifera.com/advisories/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.securifera.com/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "CyberDanube",
"cnaID": "CNA-2023-0018",
"organizationName": "CyberDanube",
"scope": "All CyberDanube products, as well as vulnerabilities in third-party hardware/software discovered by CyberDanube or partners actively engaged in vulnerability research coordination, which are not within the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "office@cyberdanube.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://cyberdanube.com/en/responsible-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://cyberdanube.com/en/blogs/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Researcher",
"Vendor"
]
},
"country": "Austria"
},
{
"shortName": "StrongDM",
"cnaID": "CNA-2023-0019",
"organizationName": "StrongDM",
"scope": "StrongDM issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@strongdm.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://hackerone.com/strongdm"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.strongdm.com/security/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "SEL",
"cnaID": "CNA-2023-0020",
"organizationName": "Schweitzer Engineering Laboratories, Inc.",
"scope": "All Schweitzer Engineering Laboratories products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@selinc.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://selinc.com/support/security-notifications/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://selinc.com/support/security-notifications/external-reports/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "VulnCheck",
"cnaID": "CNA-2023-0021",
"organizationName": "VulnCheck",
"scope": "Vulnerabilities discovered by, or reported to, VulnCheck that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclosure@vulncheck.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://vulncheck.com/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://vulncheck.com/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Bug Bounty Provider",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "Halborn",
"cnaID": "CNA-2023-0022",
"organizationName": "Halborn",
"scope": "All blockchain and Web3 products that rely on smart contracts written in Rust, Go, and Solidity, as well as blockchain associated Web2 and Web3 infrastructure not covered by another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclosures@halborn.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://halborn.com/disclosures/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://halborn.com/disclosures/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "Ribose",
"cnaID": "CNA-2023-0023",
"organizationName": "Ribose Limited",
"scope": "All Ribose products and services, including open source projects, supported products, and end-of-life/end-of-service products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-coordination@ribose.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://open.ribose.com/cve-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://open.ribose.com/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Hosted Service",
"Open Source",
"Vendor"
]
},
"country": "UK"
},
{
"shortName": "42Gears",
"cnaID": "CNA-2023-0024",
"organizationName": "42Gears Mobility Systems Pvt Ltd",
"scope": "42Gears branded products and technologies only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@42gears.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy (click on “Security Response Center”)",
"language": "",
"url": "https://www.42gears.com/security-and-compliance/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories (click on “Security Advisories”)",
"url": "https://www.42gears.com/security-and-compliance/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "India"
},
{
"shortName": "Solidigm",
"cnaID": "CNA-2023-0025",
"organizationName": "Solidigm",
"scope": "Solidigm branded products and technologies.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "Security@Solidigm.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.solidigm.com/support-page/support-security.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.solidigm.com/support-page/support-security.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Illumio",
"cnaID": "CNA-2023-0026",
"organizationName": "Illumio",
"scope": "Illumio issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@illumio.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.illumio.com/legal/responsible-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://docs.illumio.com/LandingPages/Categories/security-advisories.htm"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "BLSOPS",
"cnaID": "CNA-2023-0027",
"organizationName": "Black Lantern Security",
"scope": "Vulnerabilities in vendor products discovered by BLSOPS, or related parties, while performing vulnerability research or security assessments, unless covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cves@blacklanternsecurity.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.blacklanternsecurity.com/cna.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.blacklanternsecurity.com/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "IoT83",
"cnaID": "CNA-2023-0028",
"organizationName": "IoT83 Ltd",
"scope": "Vulnerabilities in IoT83 product(s), services, and components only. Third-party, open source components used in IoT83 product(s), services, and components are not in scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@iot83.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.iot83.com/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.iot83.com/security/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Moxa",
"cnaID": "CNA-2023-0029",
"organizationName": "Moxa Inc.",
"scope": "Moxa products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@moxa.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/cybersecurity-vulnerability-management-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.moxa.com/en/support/product-support/security-advisory"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "Taiwan"
},
{
"shortName": "Temporal",
"cnaID": "CNA-2023-0030",
"organizationName": "Temporal Technologies Inc.",
"scope": "All Temporal Technologies software.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@temporal.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://docs.temporal.io/temporal-technologies-inc-security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://docs.temporal.io/temporal-technologies-inc-security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Hosted Service",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "AMI",
"cnaID": "CNA-2023-0031",
"organizationName": "AMI",
"scope": "Vulnerabilities in AMI firmware and software products, as well as vulnerabilities discovered by AMI that are not covered by another CNA scope.",
"contact": [
{
"email": [
{
"label": "Email for BIOS Products",
"emailAddr": "biossecurity@ami.com"
},
{
"label": "Email for MegaRAC Products",
"emailAddr": "megarac.security@ami.com"
},
{
"label": "Email for Tektagon Products",
"emailAddr": "tektagonsecurity@ami.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.ami.com/security-center/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.ami.com/security-center/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "Payara",
"cnaID": "CNA-2023-0032",
"organizationName": "Payara",
"scope": "All Payara Platform product distributions (Payara Server, Micro, Embedded) for both Enterprise (commercial) and Community (OSS) distributions.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@payara.fish"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Community Edition Policy",
"language": "",
"url": "https://docs.payara.fish/community/docs/Security/Overview.html"
},
{
"label": "Enterprise Edition Policy",
"language": "",
"url": "https://docs.payara.fish/enterprise/docs/Security/Overview.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Community Edition Advisories",
"url": "https://docs.payara.fish/community/docs/Security/Security%20Fix%20List.html"
},
{
"label": "Enterprise Edition Advisories",
"url": "https://docs.payara.fish/enterprise/docs/Security/Security%20Fix%20List.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source",
"Vendor"
]
},
"country": "UK"
},
{
"shortName": "NCSC-FI",
"cnaID": "CNA-2023-0033",
"organizationName": "National Cyber Security Centre Finland (NCSC-FI)",
"scope": "Vulnerabilities in software discovered by NCSC-FI, and vulnerabilities reported to NCSC-FI for coordinated disclosure, which are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vulncoord@ncsc.fi"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy (Finnish)",
"language": "Finnish",
"url": "https://www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/haavoittuvuudet-miten-niista-ilmoitetaan-oikein"
},
{
"label": "Policy (English)",
"language": "English",
"url": "https://www.kyberturvallisuuskeskus.fi/en/our-services/situation-awareness-and-network-management/vulnerability-coordination"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories (Finnish)",
"url": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuudet"
},
{
"label": "Advisories (English)",
"url": "https://www.kyberturvallisuuskeskus.fi/en/haavoittuvuudet"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"CERT"
]
},
"country": "Finland"
},
{
"shortName": "samsung.tv_appliance",
"cnaID": "CNA-2023-0034",
"organizationName": "Samsung TV & Appliance",
"scope": "Samsung TV & Appliance products, Samsung-owned open source projects listed on https://github.com/Samsung/, as well as vulnerabilities in third-party software discovered by Samsung that are not in another CNA’s scope. Vulnerabilities affecting end-of-life/end-of-service products are in scope. The following categories of Samsung Products are in scope: Internet-connected home appliances, B2C product (smart TV, smart monitor, soundbar, and projector), and B2B products (digital signage, interactive display, and kiosk).",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "PSIRT@samsung.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://SecurityReport.samsung.com/#DisclosurePolicy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Smart TV, Audio, and Displays Advisories",
"url": "https://Security.SamsungTV.com/securityUpdates"
},
{
"label": "Digital Appliances Advisories",
"url": "https://Security.SamsungDA.com/securityUpdates.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source",
"Researcher",
"Vendor"
]
},
"country": "South Korea"
},
{
"shortName": "SRA",
"cnaID": "CNA-2023-0035",
"organizationName": "Security Risk Advisors (SRA)",
"scope": "Vulnerabilities discovered by SRA that are not within the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "advisories@sra.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://sra.io/disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://sra.io/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "Arm",
"cnaID": "CNA-2023-0036",
"organizationName": "Arm Limited",
"scope": "Arm-branded products and technologies and Arm-managed open source projects.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@arm.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://developer.arm.com/documentation/102850/0100"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://developer.arm.com/Arm%20Security%20Center"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source",
"Vendor"
]
},
"country": "UK"
},
{
"shortName": "ODA",
"cnaID": "CNA-2023-0037",
"organizationName": "Open Design Alliance",
"scope": "Open Design Alliance products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@opendesign.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.opendesign.com/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.opendesign.com/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "BHV",
"cnaID": "CNA-2023-0038",
"organizationName": "Biohacking Village",
"scope": "Vulnerabilities discovered by researchers in collaboration with Biohacking Village, with approval of Biohacking Village’s sponsors, that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@villageb.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.villageb.io/cvd"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.villageb.io/security-advisory"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "Gitea",
"cnaID": "CNA-2023-0039",
"organizationName": "Gitea Limited",
"scope": "Gitea issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@gitea.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/go-gitea/gitea/blob/main/SECURITY.md"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://about.gitea.com/security/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source",
"Vendor"
]
},
"country": "China"
},
{
"shortName": "Google_Devices",
"cnaID": "CNA-2023-0040",
"organizationName": "Google Devices",
"scope": "Google Devices - Pixel, Nest, and Chromecast.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "dspa-cve@google.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://support.google.com/product-documentation/answer/13658251?hl=en&ref_topic=12974021&sjid=11464995960873540884-NA"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Nest Advisories",
"url": "https://support.google.com/product-documentation/topic/12974021?hl=en&ref_topic=10123615&sjid=5419128013624043298-NA"
},
{
"label": "Pixel Advisories",
"url": "https://source.android.com/docs/security/bulletin/pixel"
},
{
"label": "Chromecast Advisories",
"url": "https://source.android.com/docs/security/bulletin/chromecast"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "Google",
"organizationName": "Google LLC"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "MIM",
"cnaID": "CNA-2023-0041",
"organizationName": "MIM Software Inc.",
"scope": "MIM software products, platforms, and services as well as vulnerabilities reported to MIM Software in third-party components or libraries used by MIM Software products, platforms, and services not covered by another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@mimsoftware.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.mimsoftware.com/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.mimsoftware.com/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "IDBS",
"cnaID": "CNA-2023-0042",
"organizationName": "ID Business Solutions",
"scope": "IDBS products as listed on https://www.idbs.com/products/.",
"contact": [
{
"email": [],
"contact": [
{
"label": "IDBS contact page",
"url": "https://idbs.my.site.com/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.idbs.com/about/coordinated-vulnerability-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://help.idbs.com/advisories/en/index-en.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "UK"
},
{
"shortName": "Hanwha_Vision",
"cnaID": "CNA-2023-0043",
"organizationName": "Hanwha Vision Co., Ltd.",
"scope": "Hanwha Vision (formerly Samsung Techwin and Hanwha Techwin) products and solutions only, including end-of-life (EOL).",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secure.cctv@hanwha.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.hanwhavision.com/en/support/cybersecurity/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.hanwhavision.com/en/support/cybersecurity/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "South Korea"
},
{
"shortName": "CrowdStrike",
"cnaID": "CNA-2023-0044",
"organizationName": "CrowdStrike Holdings, Inc.",
"scope": "All CrowdStrike products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "bugs@crowdstrike.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.crowdstrike.com/report-a-security-bug/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.crowdstrike.com/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "ProgressSoftware",
"cnaID": "CNA-2023-0045",
"organizationName": "Progress Software Corporation",
"scope": "Vulnerabilities in software published and maintained by Progress Software Corporation.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@progress.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.progress.com/security/vulnerability-reporting-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://community.progress.com/s/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "CERT-PL",
"cnaID": "CNA-2023-0046",
"organizationName": "CERT.PL",
"scope": "Vulnerabilities in software discovered by CERT.PL, and vulnerabilities reported to CERT.PL for coordinated disclosure, which are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cvd@cert.pl"
}
],
"contact": [],
"form": [
{
"label": "CERT.PL contact form (Polish)",
"url": "https://incydent.cert.pl/#!/lang=pl,entityType=notObligatedEntity,easyIncidentType=vulnerability"
},
{
"label": "CERT.PL contact form (English)",
"url": "https://incydent.cert.pl/#!/lang=en,entityType=notObligatedEntity,easyIncidentType=vulnerability"
}
]
}
],
"disclosurePolicy": [
{
"label": "Policy (Polish)",
"language": "Polish",
"url": "https://cert.pl/cvd/"
},
{
"label": "Policy (English)",
"language": "English",
"url": "https://cert.pl/en/cvd/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories (Polish)",
"url": "https://cert.pl/cve/"
},
{
"label": "Advisories (English)",
"url": "https://cert.pl/en/cve/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"CERT"
]
},
"country": "Poland"
},
{
"shortName": "CISA",
"cnaID": "CNA-2023-0047",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)",
"scope": "Top-Level Root Scope: Vulnerabilities that are (1) reported to or observed by CISA and (2) affect critical infrastructure, U.S. civilian government, industrial control systems, or medical devices, and (3) are not covered by another CNA’s scope.
ADP Scope: View scope here.",
"contact": [
{
"email": [],
"contact": [],
"form": [
{
"label": "Submit a Report",
"url": "https://www.cisa.gov/report"
}
]
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.cisa.gov/coordinated-vulnerability-disclosure-process"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.cisa.gov/news-events/cybersecurity-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": true,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"type": [
"N/A"
],
"TLR": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "reports to CVE Board",
"role": "Top-Level Root"
},
{
"helpText": "Authorized Data Publisher",
"role": "ADP"
}
]
},
"country": "USA"
},
{
"shortName": "cisa-cg",
"cnaID": "CNA-2023-0048",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government",
"scope": "Vulnerabilities that are (1) reported to or observed by CISA, (2) affect critical infrastructure or U.S. civilian government, and (3) are not covered by another CNA’s scope.",
"contact": [
{
"email": [
],
"contact": [
{
"label": "Submit a Report",
"url": "https://www.cisa.gov/report"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.cisa.gov/coordinated-vulnerability-disclosure-process"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.cisa.gov/news-events/cybersecurity-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"CERT"
]
},
"country": "USA"
},
{
"shortName": "Phoenix",
"cnaID": "CNA-2023-0049",
"organizationName": "Phoenix Technologies, Inc.",
"scope": "All Phoenix Technologies products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Phoenix Technologies that are not in another CNA’s scope.",
"contact": [
{
"email": [
],
"contact": [
{
"label": "Report a Security Vulnerability",
"url": "https://www.phoenix.com/report-a-security-vulnerability/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.phoenix.com/report-a-security-vulnerability/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.phoenix.com/product-security/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "VULSec",
"cnaID": "CNA-2023-0050",
"organizationName": "VULSec Labs",
"scope": "Vulnerabilities discovered by, or reported to, VULSec Labs that are not in another CNA’s scope.",
"contact": [
{
"email": [
],
"contact": [
{
"label": "Vulnerability Report Form",
"url": "https://www.vulsec.org/vulnerability-report"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.vulsec.org/conditions/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.vulsec.org/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "redhat",
"organizationName": "Red Hat, Inc."
},
"type": [
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Israel"
},
{
"shortName": "Mandiant",
"cnaID": "CNA-2023-0051",
"organizationName": "Mandiant Inc.",
"scope": "Vulnerabilities in Mandiant products or discovered by Mandiant while performing vulnerability research or security assessments, unless covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "mandiant-cve@google.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://about.google/intl/ALL_us/appsecurity/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/mandiant/Vulnerability-Disclosures"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "Google",
"organizationName": "Google LLC"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher",
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "PureStorage",
"cnaID": "CNA-2023-0052",
"organizationName": "Pure Storage, Inc.",
"scope": "Pure Storage products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@purestorage.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://support.purestorage.com/Pure_Security/Product_Security_Policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.purestorage.com/bundle/m_security_bulletins/page/Pure_Security/topics/concept/c_security_bulletins.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "PSF",
"cnaID": "CNA-2023-0053",
"organizationName": "Python Software Foundation",
"scope": "Only supported and end-of-life Python versions available at https://python.org/downloads and pip versions available at https://pypi.org/project/pip, Pallets projects available at https://github.com/pallets (such as Flask, Jinja, Click, MarkupSafe, Werkzeug, and ItsDangerous), and excluding distributions of Python, pip, and Pallets projects maintained by third-party redistributors.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@python.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.python.org/cve-numbering-authority/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://mail.python.org/archives/list/security-announce@python.org/latest"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "securin",
"cnaID": "CNA-2023-0054",
"organizationName": "Securin",
"scope": "Vulnerabilities found in Securin products and services (including end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Securin that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclose@securin.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.securin.io/disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.securin.io/zero-days-list/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "Nokia",
"cnaID": "CNA-2023-0055",
"organizationName": "Nokia",
"scope": "All vulnerabilities in Nokia products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-alert@nokia.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.nokia.com/notices/responsible-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Finland"
},
{
"shortName": "ICT",
"cnaID": "CNA-2023-0056",
"organizationName": "Integrated Control Technology LTD",
"scope": "All ICT security products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-disclosures@ict.co"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://ict.co/help-support/responsible-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://ict.co/help-support/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "New Zealand"
},
{
"shortName": "Xerox",
"cnaID": "CNA-2023-0057",
"organizationName": "Xerox Corporation",
"scope": "Xerox Corporation issues only.",
"contact": [
{
"email": [
],
"contact": [
{
"label": "Xerox Security Response Center",
"url": "https://forms.business.xerox.com/en-us/xerox-security-response-center/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://security.business.xerox.com/vulnerability-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security.business.xerox.com/en-us/documents/bulletins/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "SoftIron",
"cnaID": "CNA-2023-0058",
"organizationName": "SoftIron",
"scope": "SoftIron HyperCloud branded products and technologies only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-coordination@softiron.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://softiron.com/legal/security-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://advisories.softiron.cloud/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "ADI",
"cnaID": "CNA-2023-0059",
"organizationName": "Analog Devices, Inc.",
"scope": "Vulnerabilities in ADI firmware and software products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "securityalert@analog.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.analog.com/en/support/technical-support/product-security-response-center/vulnerability-disclosure-policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.analog.com/en/support/technical-support/product-security-response-center.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "AlgoSec",
"cnaID": "CNA-2023-0060",
"organizationName": "AlgoSec",
"scope": "AlgoSec products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security.vulnerabilities@algosec.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.algosec.com/resources/guide/algosec-security-center/#:~:text=Frequently%20asked%20questions-,Overview,-At%20AlgoSec%2C%20we"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.algosec.com/resources/guide/algosec-security-center/#:~:text=05-,Security%20advisories,-List%20of%20CVEs"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Israel"
},
{
"shortName": "Canon_EMEA",
"cnaID": "CNA-2023-0061",
"organizationName": "Canon EMEA",
"scope": "Products, services, and solutions developed internally by Canon EMEA and those from Canon Production Printing, IRIS, NT-ware, and Therefore Corporation.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product-security@canon-europe.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.canon-europe.com/psirt"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.canon-europe.com/psirt/advisory-information"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "UK"
},
{
"shortName": "1E",
"cnaID": "CNA-2023-0062",
"organizationName": "1E Limited",
"scope": "All 1E products (including end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by 1E that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@1e.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.1e.com/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.1e.com/trust-security-compliance/cve-info/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "UK"
},
{
"shortName": "Lexmark",
"cnaID": "CNA-2023-0063",
"organizationName": "Lexmark International Inc.",
"scope": "Lexmark products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "securityalerts@lexmark.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "KeeperSecurity",
"cnaID": "CNA-2023-0064",
"organizationName": "Keeper Security, Inc.",
"scope": "Keeper Security products and services only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@keepersecurity.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.keepersecurity.com/security.html?s=reporting"
},
{
"label": "Bounty Program Policy",
"language": "",
"url": "https://bugcrowd.com/keepersecurity"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://docs.keeper.io/release-notes/keeper-security/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Caliptra",
"cnaID": "CNA-2023-0065",
"organizationName": "Caliptra Project",
"scope": "Caliptra Project components and vulnerabilities that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vulnerabilities.caliptra-wg@lists.chipsalliance.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/chipsalliance/Caliptra/security/policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/chipsalliance/Caliptra/security/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "PaperCut",
"cnaID": "CNA-2023-0066",
"organizationName": "PaperCut Software Pty Ltd",
"scope": "PaperCut MF, PaperCut NG, PaperCut Hive, PaperCut Pocket, PaperCut Mobility Print, QRdoc, PaperCut Views, PaperCut Multiverse, https://www.papercut.com, and all other PaperCut products and services.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@papercut.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.papercut.com/contact/security/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.papercut.com/kb/Main/CommonSecurityQuestions"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Australia"
},
{
"shortName": "WrenSecurity",
"cnaID": "CNA-2023-0067",
"organizationName": "Wren Security",
"scope": "Wren Security maintained software.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclosure@wrensecurity.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://wrensecurity.org/community/disclosure.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Wren:IDM Advisories",
"url": "https://github.com/WrenSecurity/wrenidm/security"
},
{
"label": "Wren:AM Advisories",
"url": "https://github.com/WrenSecurity/wrenam/security"
},
{
"label": "Wren:DS Advisories",
"url": "https://github.com/WrenSecurity/wrends/security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source"
]
},
"country": "Czech Republic"
},
{
"shortName": "KCFTech",
"cnaID": "CNA-2023-0068",
"organizationName": "KCF Technologies, Inc.",
"scope": "All KCF Technologies products including base stations, repeaters, numerous sensor types, and the SMARTdiagnostics cloud software.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@kcftech.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://kcftech.com/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://status.kcftech.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Hosted Service"
]
},
"country": "USA"
},
{
"shortName": "YokogawaGroup",
"cnaID": "CNA-2023-0069",
"organizationName": "Yokogawa Group",
"scope": "Yokogawa Group companies’ products and Yokogawa Group subsidiaries’ products.",
"contact": [
{
"email": [],
"contact": [],
"form": [
{
"label": "Yokogawa Report Vulnerability form",
"url": "https://contact.yokogawa.com/cs/gw?c-id=000983"
}
]
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.yokogawa.com/solutions/products-and-services/announcements/vulpolicy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Yokogawa Electric Corporation Advisories",
"url": "https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/"
},
{
"label": "Yokogawa Test & Measurement Corporation Advisories",
"url": "https://www.yokogawa.com/ymi/important-notice-about-the-product/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "jpcert",
"organizationName": "JPCERT/CC"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Japan"
},
{
"shortName": "libreswan",
"cnaID": "CNA-2023-0070",
"organizationName": "Libreswan Project",
"scope": "Libreswan software.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@libreswan.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://libreswan.org/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://libreswan.org/security/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "n/a"
},
{
"shortName": "NX",
"cnaID": "CNA-2023-0071",
"organizationName": "Network Optix",
"scope": "All Network Optix products, including https://www.networkoptix.com/nx-witness and https://www.networkoptix.com/powered-by-nx.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@networkoptix.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.networkoptix.com/vulnerability-disclosure-program"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.networkoptix.com/blog"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "Dfinity",
"cnaID": "CNA-2023-0072",
"organizationName": "DFINITY Foundation",
"scope": "All Internet Computer projects as found on the following GitHub pages: https://github.com/dfinity and https://github.com/dfinity-lab.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-cna@dfinity.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/dfinity/ic/security/policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://internetcomputer.org/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "Switzerland"
},
{
"shortName": "SEC-VLab",
"cnaID": "CNA-2023-0073",
"organizationName": "SEC Consult Vulnerability Lab",
"scope": "All vulnerabilities discovered in third-party hardware/software by SEC Consult Vulnerability Lab (part of SEC Consult, an Eviden business), which are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-research@sec-consult.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://sec-consult.com/vulnerability-lab/responsible-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://sec-consult.com/vulnerability-lab/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "Austria"
},
{
"shortName": "OTORIO",
"cnaID": "CNA-2023-0074",
"organizationName": "OTORIO LTD.",
"scope": "All OTORIO products, as well as vulnerabilities in third-party software discovered by OTORIO that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productcert@otorio.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.otorio.com/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.otorio.com/vulnerability-disclosure/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "Israel"
},
{
"shortName": "SmileDigitalHealth",
"cnaID": "CNA-2023-0075",
"organizationName": "Smile CDR Inc. (doing business as “Smile Digital Health”)",
"scope": "All Smile Digital Health products and HAPI FHIR.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@smiledigitalhealth.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.smiledigitalhealth.com/responsible-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.smiledigitalhealth.com/legal/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "Canada"
},
{
"shortName": "WSO2",
"cnaID": "CNA-2023-0076",
"organizationName": "WSO2 LLC",
"scope": "WSO2 products and services scoped under Responsible Disclosure Program https://security.docs.wso2.com/en/latest/security-reporting/reward-and-acknowledgement-program/#products-services-in-scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@wso2.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://security.docs.wso2.com/en/latest/security-reporting/reward-and-acknowledgement-program/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security.docs.wso2.com/en/latest/security-announcements/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source",
"Hosted Service"
]
},
"country": "USA"
},
{
"shortName": "ARCON",
"cnaID": "CNA-2023-0077",
"organizationName": "ARCON Techsolutions Private Limited",
"scope": "Vulnerabilities in ARCON’s products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product.security@arconnet.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://arconnet.com/product-security-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://arconnet.com/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "India"
},
{
"shortName": "Checkmarx",
"cnaID": "CNA-2023-0078",
"organizationName": "Checkmarx",
"scope": "Vulnerabilities in Checkmarx products and open source vulnerabilities discovered by, or reported to, Checkmarx, that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "oss-report@checkmarx.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://devhub.checkmarx.com/disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://advisory.checkmarx.net/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
]
},
"country": "Israel"
},
{
"shortName": "ASR",
"cnaID": "CNA-2023-0079",
"organizationName": "ASR Microelectronics Co., Ltd.",
"scope": "ASR products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product-security@asrmicro.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.asrmicro.com/en/goods/policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.asrmicro.com/en/goods/psirt"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "China"
},
{
"shortName": "Ciena",
"cnaID": "CNA-2023-0080",
"organizationName": "Ciena Corporation",
"scope": "Ciena and Blue Planet branded products and technologies only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@ciena.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.ciena.com/__data/assets/pdf_file/0026/128933/Notice-of-Vulnerability-Disclosure-Policy-VDP.pdf"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.ciena.com/product-security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Zohocorp",
"cnaID": "CNA-2023-0081",
"organizationName": "Zohocorp",
"scope": "ManageEngine, Zoho, and Zakya branded on-premise products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@zohocorp.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://bugbounty.zohocorp.com/bb/info"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.manageengine.com/security/advisory/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "India"
},
{
"shortName": "Fortra",
"cnaID": "CNA-2023-0082",
"organizationName": "Fortra, LLC",
"scope": "All Fortra products and vulnerabilities discovered by Fortra in other products not covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security.reports@fortra.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.fortra.com/security/policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.fortra.com/security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "EDB",
"cnaID": "CNA-2023-0083",
"organizationName": "EnterpriseDB Corporation",
"scope": "All EnterpriseDB products and vulnerabilities identified in open source libraries used by EnterpriseDB products unless covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclosures@enterprisedb.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.enterprisedb.com/docs/security/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.enterprisedb.com/docs/security/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "HiddenLayer",
"cnaID": "CNA-2023-0084",
"organizationName": "HiddenLayer, Inc.",
"scope": "All HiddenLayer systems, services, and products, as well as vulnerabilities in third-party software discovered by HiddenLayer that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclosure@hiddenlayer.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://hiddenlayer.com/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://hiddenlayer.com/research/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Hosted Service",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "arcinfo",
"cnaID": "CNA-2023-0085",
"organizationName": "ARC Informatique",
"scope": "ARC Informatique products and services.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secure@arcinfo.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.pcvue.com/policies/vuln_disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.pcvue.com/security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "France"
},
{
"shortName": "ConcreteCMS",
"cnaID": "CNA-2024-0001",
"organizationName": "Concrete CMS",
"scope": "Concrete CMS Core versions 8.5 and above.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@concretecms.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.concretecms.org/security"
},
{
"label": "HackerOne Policy",
"language": "",
"url": "https://hackerone.com/concretecms?type=team"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.concretecms.org/about/project-news/security"
},
{
"label": "Disclosed CVEs",
"url": "https://docs.google.com/spreadsheets/d/1lduRBavCZYnKPyPRUhaUNGP2Fza-5SE6MJoAcMSvqSQ/edit#gid=0"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "Pentraze",
"cnaID": "CNA-2024-0002",
"organizationName": "Pentraze Cybersecurity",
"scope": "Vulnerabilities in third-party software discovered by Pentraze Cybersecurity that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@pentraze.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://pentraze.com/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://pentraze.com/vulnerability-reports/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "Dominican Republic"
},
{
"shortName": "ELAN",
"cnaID": "CNA-2024-0003",
"organizationName": "ELAN Microelectronics Corp.",
"scope": "ELAN issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@emc.com.tw"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.emc.com.tw/emc/tw/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Touchpad Solutions Advisories",
"url": "https://www.emc.com.tw/emc/en/Product/Solution/TouchpadSolutions"
},
{
"label": "Biometric Solutions Advisories",
"url": "https://www.emc.com.tw/emc/en/Product/Solution/BiometricSolutions"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Taiwan"
},
{
"shortName": "ChromeOS",
"cnaID": "CNA-2024-0004",
"organizationName": "ChromeOS Project",
"scope": "Vulnerabilities that are (1) reported to ChromeOS Security, (2) affect ChromeOS device software and hardware, including our open source dependencies, and (3) are not covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "chromeos-security@chromium.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.google.com/about/appsecurity/research/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://chromereleases.googleblog.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "Google",
"organizationName": "Google LLC"
},
"type": [
"Vendor",
"Bug Bounty Provider"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "PostgreSQL",
"cnaID": "CNA-2024-0005",
"organizationName": "PostgreSQL",
"scope": "postgresql.org/download software and related projects listed at postgresql.org/support/security.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cna@postgresql.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.postgresql.org/support/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.postgresql.org/support/security/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "redhat",
"organizationName": "Red Hat, Inc."
},
"type": [
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Canada"
},
{
"shortName": "curl",
"cnaID": "CNA-2024-0006",
"organizationName": "curl",
"scope": "All products made and managed by the curl project. This includes curl, libcurl, and trurl.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@curl.se"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://curl.se/dev/vuln-disclosure.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://curl.se/docs/security.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "redhat",
"organizationName": "Red Hat, Inc."
},
"type": [
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Sweden"
},
{
"shortName": "milestonesys",
"cnaID": "CNA-2024-0007",
"organizationName": "Milestone Systems A/S",
"scope": "Supported Milestone XProtect products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@milestonesys.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://doc.milestonesys.com/latest/en-US/portal/htm/chapter-page-cve-vulnerabilitymanagementpolicy.htm"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://supportcommunity.milestonesys.com/s/knowledgebase?language=en_US"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Denmark"
},
{
"shortName": "ENISA",
"cnaID": "CNA-2024-0008",
"organizationName": "EU Agency for Cybersecurity (ENISA)",
"scope": "Vulnerabilities in information technology (IT) products discovered by European Union (EU) Computer Security Incident Response Teams (CSIRTs) or reported to EU CSIRTs for coordinated disclosure, as long as they do not fall under a CNA with a more specific scope.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Contact Pages",
"url": "https://github.com/enisaeu/CNW/tree/main#vulnerability-disclosure-policies"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://csirtsnetwork.eu/homepage?tab=cvd"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/enisaeu/CNW/tree/main/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Consortium"
]
},
"country": "Greece"
},
{
"shortName": "Sonatype",
"cnaID": "CNA-2024-0009",
"organizationName": "Sonatype Inc.",
"scope": "All Sonatype products and vulnerabilities in third-party software discovered by Sonatype that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@sonatype.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://help.sonatype.com/repomanager3/product-information/repository-security-vulnerabilities"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.sonatype.com/hc/en-us/sections/203012668-Security-Advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "ERIC",
"cnaID": "CNA-2024-0010",
"organizationName": "Ericsson",
"scope": "Ericsson issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@ericsson.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.ericsson.com/en/about-us/security/ericsson-product-security-and-vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.ericsson.com/en/about-us/security/security-bulletins"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Sweden"
},
{
"shortName": "tlt_net",
"cnaID": "CNA-2024-0011",
"organizationName": "Teltonika Networks",
"scope": "Teltonika Networks products and services only.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Teltonika Networks Security Center",
"url": "https://teltonika-networks.com/support/security-center"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://teltonika-networks.com/support/security-center"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://teltonika-networks.com/support/security-center"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "Lithuania"
},
{
"shortName": "FSI",
"cnaID": "CNA-2024-0012",
"organizationName": "Financial Security Institute (FSI)",
"scope": "Vulnerability assignment related to FSI’s vulnerability coordination role in the South Korea financial sector that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vuln@fsec.or.kr"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.fsec.or.kr/bbs/detail?menuNo=1010&bbsNo=11403"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.fsec.or.kr/bbs/1010"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"CERT",
"Researcher",
"Bug Bounty Provider"
]
},
"country": "South Korea"
},
{
"shortName": "glibc",
"cnaID": "CNA-2024-0013",
"organizationName": "GNU C Library",
"scope": "Security issues and vulnerabilities in the GNU C Library.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "glibc-cna@sourceware.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://sourceware.org/glibc/security.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://sourceware.org/git/?p=glibc.git;a=tree;f=advisories;hb=HEAD"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "redhat",
"organizationName": "Red Hat, Inc."
},
"type": [
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "USA"
},
{
"shortName": "teleport",
"cnaID": "CNA-2024-0014",
"organizationName": "Teleport",
"scope": "All Teleport (Gravitational, Inc.) products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Teleport that are not in another CNA’s scope.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Teleport HackerOne contact page",
"url": "https://hackerone.com/security"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Teleport Disclosure Policy",
"language": "",
"url": "https://goteleport.com/security"
},
{
"label": "Teleport HackerOne Policy",
"language": "",
"url": "https://hackerone.com/teleport"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/gravitational/teleport/security/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "BT",
"cnaID": "CNA-2024-0015",
"organizationName": "BeyondTrust Inc.",
"scope": "All BeyondTrust products, including PasswordSafe, Privileged Remote Access, Remote Support, Privilege Management for Windows/Mac, Privilege Management for Unix/Linux, Identity Security Insights, Active Directory (AD) Bridge, and Total PASM.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secure@beyondtrust.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.beyondtrust.com/disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.beyondtrust.com/trust-center/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Linux",
"cnaID": "CNA-2024-0016",
"organizationName": "kernel.org",
"scope": "Any vulnerabilities in the Linux kernel as listed on kernel.org, excluding end-of-life (EOL) versions.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@kernel.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.kernel.org/doc/html/latest/process/security-bugs.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://lore.kernel.org/linux-cve-announce/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "DevCycle",
"cnaID": "CNA-2024-0017",
"organizationName": "DevCycle",
"scope": "All DevCycle products (including end-of-life/end-of-service products) as listed on https://devcycle.com/.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@devcycle.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/DevCycleHQ/.github/blob/main/.github/SECURITY.md"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/DevCycleHQ/.github/blob/main/.github/SECURITY.md#previous-vulnerabilities-reported"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Hosted Service",
"Open Source"
]
},
"country": "Canada"
},
{
"shortName": "directcyber",
"cnaID": "CNA-2024-0018",
"organizationName": "DirectCyber",
"scope": "Issues in third-party products identified by or reported to DirectCyber, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "report@directcyber.com.au"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://directcyber.com.au/report.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://directcyber.com.au/advisory.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher",
"Open Source"
]
},
"country": "Australia"
},
{
"shortName": "sec1",
"cnaID": "CNA-2024-0019",
"organizationName": "Sec1",
"scope": "Vulnerabilities found in cybersecurity software solutions developed and maintained by Sec1 as listed on https://sec1.io/, and vulnerabilities identified in software projects or products where Sec1 has a direct and substantial contribution or partnership, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@sec1.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://sec1.io/sec1-public-disclosure-policy-for-cve-reporting/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://sec1.io/sec1-security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "India"
},
{
"shortName": "TECNOMobile",
"cnaID": "CNA-2024-0020",
"organizationName": "TECNO Mobile Limited",
"scope": "Vulnerabilities in TECNO products and services only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security.tecno@tecno-mobile.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://security.tecno.com"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://security.tecno.com/SRC/blog"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "China"
},
{
"shortName": "CoolKit",
"cnaID": "CNA-2024-0021",
"organizationName": "SHENZHEN CoolKit Technology CO., LTD.",
"scope": "Products of eWeLink Solutions only, details are available at https://ewelink.cc/our-projects-scope/.",
"contact": [
{
"email": [],
"contact": [
{
"label": "eWeLink Security Report Center",
"url": "https://ewelink.cc/security-report-center/"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://ewelink.cc/wp-content/uploads/2022/04/eWeLinks-Vulnerability-Disclosure-Policy.pdf"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://ewelink.cc/security-advisories-and-notices/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "China"
},
{
"shortName": "openam-jp",
"cnaID": "CNA-2024-0022",
"organizationName": "OpenAM Consortium",
"scope": "Open source projects hosted on https://github.com/openam-jp.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vulnerability@openam.jp"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://openam-jp.github.io/Disclosure-Policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://openam-jp.github.io/Advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "jpcert",
"organizationName": "JPCERT/CC"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source",
"Consortium"
]
},
"country": "Japan"
},
{
"shortName": "rami.io",
"cnaID": "CNA-2024-0023",
"organizationName": "rami.io GmbH",
"scope": "All rami.io GmbH products and open source projects, including pretix, official pretix plugins and apps, and Venueless.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@rami.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://rami.io/security/disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://rami.io/security/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Hosted Service",
"Open Source"
]
},
"country": "Germany"
},
{
"shortName": "Dremio",
"cnaID": "CNA-2024-0024",
"organizationName": "Dremio Corporation",
"scope": "All Dremio Corporation products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@dremio.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.dremio.com/platform/security/responsible-disclosure-limitations/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://docs.dremio.com/current/reference/bulletins/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "JAMF",
"cnaID": "CNA-2024-0025",
"organizationName": "Jamf",
"scope": "Jamf issues and Jamf Open Source.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productsecurity@jamf.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.jamf.com/security/vulnerability-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories in Resolved Issues",
"url": "https://learn.jamf.com/en-US/bundle/jamf-pro-release-notes-current/page/Resolved_Issues.html"
},
{
"label": "Advisories in Release History",
"url": "https://learn.jamf.com/en-US/bundle/jamf-infrastructure-manager-ldap-proxy-install-guide/page/Release_History.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "Edgewatch",
"cnaID": "CNA-2024-0026",
"organizationName": "Edgewatch Security Intelligence",
"scope": "Vulnerabilities in third-party software discovered by Edgewatch that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@edgewatch.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://edgewatch.com/legal/disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://edgewatch.com/vulnerability-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "INCIBE",
"organizationName": "Spanish National Cybersecurity Institute, S.A. (INCIBE)"
},
"type": [
"Hosted Service",
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Spain"
},
{
"shortName": "cirosec",
"cnaID": "CNA-2024-0027",
"organizationName": "cirosec GmbH",
"scope": "Vulnerabilities discovered by or reported to cirosec researchers that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-request@cirosec.de"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "German",
"url": "https://cirosec.de/cirosec-responsible-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://cirosec.de/en/blog/#vulnerabilities"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "Germany"
},
{
"shortName": "Microchip",
"cnaID": "CNA-2024-0028",
"organizationName": "Microchip Technology",
"scope": "Microchip Technology products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@microchip.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://microchip.com/psirt"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://microchip.com/psirt"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Tego_Cyber",
"cnaID": "CNA-2024-0029",
"organizationName": "Tego Cyber, Inc.",
"scope": "Tego Cyber issues and vulnerabilities discovered by Tego in third-party products, unless covered under the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@tegocyber.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://tegocyber.com/security/vulnerability-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://tegocyber.com/security/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "N-able",
"cnaID": "CNA-2024-0030",
"organizationName": "N-able",
"scope": "N-able branded products and technologies only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@n-able.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.n-able.com/security-and-privacy/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://me.n-able.com/s/global-search/%40uri#t=All&sort=relevancy&f:@repositorytype=[Security_Advisory]"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "OS-S",
"cnaID": "CNA-2024-0031",
"organizationName": "OpenSource Security GmbH",
"scope": "Vulnerabilities discovered by or reported to OpenSource Security, unless covered by another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@os-s.de"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://os-s.net/en/research/responsible-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://os-s.net/en/publications/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "Germany"
},
{
"shortName": "TXOne",
"cnaID": "CNA-2024-0032",
"organizationName": "TXOne Networks, Inc.",
"scope": "Vulnerabilities in TXOne Networks products, including end-of-life products, or third-party operational technology (OT) and industrial control systems (ICS) products, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@txone.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.txone.com/psirt/disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.txone.com/psirt/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "Taiwan"
},
{
"shortName": "SCIEX",
"cnaID": "CNA-2024-0033",
"organizationName": "SCIEX",
"scope": "SCIEX branded products only.",
"contact": [
{
"email": [],
"contact": [
{
"label": "SCIEX Support",
"url": "https://sciex.com/support"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://sciex.com/support/product-security/coordinated-vulnerabilities-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://sciex.com/support/product-security/known-vulnerabilities"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "LMS",
"cnaID": "CNA-2024-0034",
"organizationName": "Leica Microsystems",
"scope": "Leica Microsystems products as listed on https://www.leica-microsystems.com/products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productsecurity@leica-microsystems.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.leica-microsystems.com/company/product-security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.leica-microsystems.com/company/product-security/product-security-updates/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "Germany"
},
{
"shortName": "vx",
"cnaID": "CNA-2024-0035",
"organizationName": "VotingWorks",
"scope": "Vulnerabilities in VotingWorks voting systems, hardware, and software.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@voting.works"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/votingworks/vxsuite?tab=security-ov-file"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/votingworks/vxsuite/security/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "ConnectWise",
"cnaID": "CNA-2024-0036",
"organizationName": "ConnectWise LLC",
"scope": "All ConnectWise products and services and vulnerabilities discovered by ConnectWise in third party products that are not within another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclosure@connectwise.com"
}
],
"contact": [
{
"label": "Trust Center",
"url": "https://www.connectwise.com/company/trust"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.connectwise.com/company/trust/security/vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Bulletins",
"url": "https://www.connectwise.com/company/trust/security-bulletins"
},
{
"label": "Advisories",
"url": "https://www.connectwise.com/company/trust/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "ClickHouse",
"cnaID": "CNA-2024-0037",
"organizationName": "ClickHouse, Inc.",
"scope": "ClickHouse-owned products, not including end-of-life components.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@clickhouse.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://github.com/ClickHouse/ClickHouse/security/policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://clickhouse.com/docs/en/whats-new/security-changelog"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "sba-research",
"cnaID": "CNA-2024-0038",
"organizationName": "SBA Research gGmbH",
"scope": "Vulnerabilities discovered by SBA Research or reported to SBA Research by partner organizations that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-coordination@sba-research.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.sba-research.org/about/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/sbaresearch/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "Austria"
},
{
"shortName": "WindRiver",
"cnaID": "CNA-2024-0039",
"organizationName": "Wind River Systems Inc.",
"scope": "All Wind River branded products as found on windriver.com including vulnerabilities in natively developed or modified product incorporated components, and only product incorporated third-party components not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "PSIRT@windriver.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.windriver.com/psirt-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.windriver.com/security/vulnerability-responses"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "KoreLogic",
"cnaID": "CNA-2024-0040",
"organizationName": "KoreLogic Security",
"scope": "Vulnerabilities in the KoreLogic website and other KoreLogic controlled assets, as well as vulnerabilities discovered by or reported to KoreLogic, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclosures@korelogic.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://korelogic.com/KoreLogic-Public-Vulnerability-Disclosure-Policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://korelogic.com/advisories.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "HeroDevs",
"cnaID": "CNA-2024-0041",
"organizationName": "HeroDevs",
"scope": "End of life open source projects supported by HeroDevs if hosted on HeroDevs.com, or issues in open source projects discovered by or reported to HeroDevs, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclosures@herodevs.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://docs.herodevs.com/policies/security-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://docs.herodevs.com/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "Kong",
"cnaID": "CNA-2024-0042",
"organizationName": "Kong Inc.",
"scope": "Kong products; Kong Konnect, Kong Enterprise, Kong Mesh, and Kong Insomnia, including Kong Opensource; Kong Gateway, Kuma, Insomnia.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vulnerability@konghq.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://konghq.com/compliance/bug-bounty"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://konghq.com/compliance/psa"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "upKeeper",
"cnaID": "CNA-2024-0043",
"organizationName": "upKeeper Solutions",
"scope": "All upKeeper Solutions products, excluding end-of-life (EOL) as listed in the upKeeper Solutions End of Life Policy.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secure@upkeeper.se"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://support.upkeeper.se/hc/en-us/articles/14123589368092-Coordinated-Vulnerability-Disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.upkeeper.se/hc/en-us/articles/14170844051868-Security-Advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Sweden"
},
{
"shortName": "Cato",
"cnaID": "CNA-2024-0044",
"organizationName": "Cato Networks",
"scope": "All Cato Networks products and vulnerabilities in third-party products affecting Cato products unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "vulnerability-report@catonetworks.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://event.catonetworks.com/securityissuesreport"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://securityadvisories.catonetworks.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "Israel"
},
{
"shortName": "AMZN",
"cnaID": "CNA-2024-0045",
"organizationName": "Amazon",
"scope": "All Amazon and AWS products (including subsidiaries, supported, and EOL/EOS products), as well as vulnerabilities in third party software discovered by Amazon/AWS that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "aws-security@amazon.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://aws.amazon.com/security/vulnerability-reporting"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://aws.amazon.com/security/security-bulletins"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Bug Bounty Provider",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "RealPage",
"cnaID": "CNA-2024-0046",
"organizationName": "RealPage",
"scope": "Vulnerabilities in RealPage products and services including but not limited to: Keyready, Knock CRM, HomeWiseDocs, REDS (Real Estate Data Solutions), G5, WhiteSky Communications, Chirp Systems, STRATIS IoT, Modern Message (Community Rewards), Hipercept, Investor Management Services, AIM, FUEL, Buildium, All Property Management, SimpleBills, DepositIQ, Rentlytics, ClickPay, LeaseLabs, PEX, On-Site, American Utility Management (AUM), Axiometrics, Lease Rent Optimization (LRO), AssetEye, NWP Services Corporation, Indatus, ActiveBuilding, RentMineOnline (RMO), MyNewPlace, Compliance Depot, SeniorLiving.net, eREI, Domin-8, Level One, Propertyware, Opstechnology, LeasingDesk, and YieldStar.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "responsibledisclosure@realpage.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.realpage.com/support/security/responsible-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.realpage.com/support/security/responsible-disclosure/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Huntress",
"cnaID": "CNA-2024-0047",
"organizationName": "Huntress Labs Inc.",
"scope": "All Huntress products, as well as vulnerabilities in third-party software discovered by Huntress that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security-disclosures@huntresslabs.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://support.huntress.io/hc/en-us/categories/10962594482579-Vulnerability-Disclosures"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.huntress.io/hc/en-us/categories/10962594482579-Vulnerability-Disclosures"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "Forescout",
"cnaID": "CNA-2024-0048",
"organizationName": "Forescout Technologies",
"scope": "Forescout issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@forescout.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.forescout.com/security-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://docs.forescout.com/bundle/vulnerabilities/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "9front",
"cnaID": "CNA-2024-0049",
"organizationName": "9front Systems",
"scope": "All software produced as part of the Plan9front open source operating system, as well as its applications and cyberinfrastructure. Vulnerabilities discovered by or reported to 9front Systems for all Plan 9 software not covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "bugs@9front.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "http://bugs.9front.org/disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "http://bugs.9front.org/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "ivanti",
"cnaID": "CNA-2024-0050",
"organizationName": "Ivanti",
"scope": "Vulnerabilities in supported Ivanti products and infrastructure, excluding third-party components, and meeting severity thresholds defined in Ivanti’s Disclosure Policy found here.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "responsible.disclosure@ivanti.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.ivanti.com/support/contact-security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.ivanti.com/blog/topics/security-advisory"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "imaginationtech",
"cnaID": "CNA-2024-0051",
"organizationName": "Imagination Technologies",
"scope": "Imagination Technologies branded products and technologies and Imagination Technologies (IMG) managed open source projects.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@imgtec.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.imaginationtech.com/product-security-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "UK"
},
{
"shortName": "Intigriti",
"cnaID": "CNA-2024-0052",
"organizationName": "Intigriti",
"scope": "Vulnerabilities in Intigriti products and vulnerabilities discovered by, or reported to, Intigriti that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@intigriti.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://app.intigriti.com/programs/intigriti/intigriti/detail"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://trust.intigriti.com/resources"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Bug Bounty Provider",
"Hosted Service",
"Vendor"
]
},
"country": "Belgium"
},
{
"shortName": "Stryker",
"cnaID": "CNA-2024-0053",
"organizationName": "Stryker Corporation",
"scope": "All products of Stryker or a Stryker company including end-of-life/end-of-service products, and vulnerabilities in third-party software used in Stryker products that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productsecurity@stryker.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.stryker.com/us/en/about/governance/cyber-security.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "watchdog",
"cnaID": "CNA-2024-0054",
"organizationName": "WatchDogDevelopment.com, LLC",
"scope": "All WatchDog products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@watchdog.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://watchdog.com/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://watchdog.com/vulnerability-disclosure-policy/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Proton",
"cnaID": "CNA-2024-0056",
"organizationName": "Proton AG",
"scope": "Proton AG issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "Security@proton.me"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://proton.me/security/vulnerability-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://proton.me/security/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Switzerland"
},
{
"shortName": "Wiz",
"cnaID": "CNA-2024-0057",
"organizationName": "Wiz, Inc.",
"scope": "Vulnerabilities identified in Wiz products, and vulnerabilities discovered by, or reported to, Wiz that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-coordination@wiz.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.wiz.io/security-disclosures"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.wiz.io/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "Supermicro",
"cnaID": "CNA-2024-0058",
"organizationName": "Super Micro Computer, Inc.",
"scope": "Supermicro branded products, managed system, or software projects.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "secure@supermicro.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.supermicro.com/en/support/security_center#!report"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.supermicro.com/en/support/security_center#!advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "MON-CSIRT",
"cnaID": "CNA-2024-0059",
"organizationName": "Monash University - Cyber Security Incident Response Team",
"scope": "Vulnerabilities in any Monash University developed products, or vulnerabilities identified in third-party vendor products used by Monash University, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-coordination@monash.edu"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.monash.edu/cybersecurity/about/mon-csirt"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.monash.edu/cybersecurity/about/mon-csirt"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"CERT",
"Open Source",
"Researcher"
]
},
"country": "Australia"
},
{
"shortName": "seal",
"cnaID": "CNA-2024-0060",
"organizationName": "Seal Security",
"scope": "Vulnerabilities in Seal products or services and vulnerabilities discovered in open source libraries unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@sealsecurity.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://docs.sealsecurity.io/vulnerability-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://app.sealsecurity.io/repository"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "Cytiva",
"cnaID": "CNA-2024-0061",
"organizationName": "Cytiva",
"scope": "Cytiva branded products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cytiva_productsecurity@cytiva.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.cytivalifesciences.com/en/se/product-security/disclosure-process"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.cytivalifesciences.com/en/se/product-security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Arxscan",
"cnaID": "CNA-2024-0062",
"organizationName": "Arxscan, Inc.",
"scope": "Arxscan issues only.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Arxscan Report a Vulnerability page",
"url": "https://arxscan.com/cybersecurity-vulnerability-policy/report-a-vulnerability"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://arxscan.com/cybersecurity-vulnerability-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://arxscan.com/cybersecurity-vulnerability-policy/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "PlexTrac",
"cnaID": "CNA-2024-0063",
"organizationName": "PlexTrac, Inc.",
"scope": "Vulnerabilities within PlexTrac’s products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@plextrac.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://plextrac.com/vulnerability-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://docs.plextrac.com/plextrac-documentation/master/security-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "ASUS",
"cnaID": "CNA-2024-0064",
"organizationName": "ASUSTeK Computer Incorporation",
"scope": "ASUS issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@asus.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.asus.com/content/asus-product-security-advisory/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.asus.com/content/asus-product-security-advisory/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "Taiwan"
},
{
"shortName": "Pall",
"cnaID": "CNA-2024-0065",
"organizationName": "Pall Corporation",
"scope": "Pall branded products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productsecurity@pall.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.pall.com/en/about-pall/product-security-cvd.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.pall.com/en/about-pall/product-security-cvd/known-vulnerabilities.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "MyMMT",
"cnaID": "CNA-2024-0066",
"organizationName": "Mammotome",
"scope": "All Mammotome products.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Mammotome Report a Vulnerability page",
"url": "https://www.mammotome.com/us/en/legal/product-security/report-a-security-vulnerability"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.mammotome.com/us/en/legal/product-security/product-security-overview"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.mammotome.com/us/en/legal/product-security/product-security-updates"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "wikimedia-foundation",
"cnaID": "CNA-2024-0067",
"organizationName": "The Wikimedia Foundation",
"scope": "Any code repository hosted under gerrit.wikimedia.org, gitlab.wikimedia.org, or github.com/wikimedia that is not labeled as archived or marked as a fork of an upstream project. Please see our disclosure policy for additional exclusions to scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@wikimedia.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.mediawiki.org/wiki/Reporting_security_bugs"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://gitlab.wikimedia.org/repos/security/wikimedia-cve-assignments"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source"
]
},
"country": "USA"
},
{
"shortName": "RTI",
"cnaID": "CNA-2024-0068",
"organizationName": "Real-Time Innovations, Inc.",
"scope": "All RTI Connext products, including EOL products. See https://www.rti.com/products for more information.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@rti.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://community.rti.com/static/documentation/connext-dds/current/doc/vulnerabilities/#rti-s-approach-to-vulnerability-detection-and-management"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://community.rti.com/static/documentation/connext-dds/current/doc/vulnerabilities/#"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "PingCAP",
"cnaID": "CNA-2024-0069",
"organizationName": "PingCAP (US), Inc.",
"scope": "Vulnerabilities in the following PingCAP maintained products and components: TiDB (code available at https://github.com/pingcap/tidb); TiKV (code available at https://github.com/tikv/tikv); PD (Placement Driver, code available at https://github.com/tikv/pd); TiFlash (code available at https://github.com/pingcap/tiflash); and tidbcloud (PingCAP’s cloud database service). This scope includes vulnerabilities in all supported versions of these products. CVE IDs will not be assigned for vulnerabilities found in unsupported versions or for third-party dependencies not maintained by PingCAP.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@pingcap.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.pingcap.com/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.pingcap.com/security/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source",
"Hosted Service"
]
},
"country": "USA"
},
{
"shortName": "OMRON",
"cnaID": "CNA-2024-0070",
"organizationName": "OMRON Corporation",
"scope": "Omron Group companies’ Industrial Automation, Healthcare, Social Systems, Device & Module Solutions issues only.",
"contact": [
{
"email": [],
"contact": [
{
"label": "OMRON PSIRT Contact page",
"url": "https://www.omron.com/contact/ContactForm.do?FID=00282"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.omron.com/contact/ContactForm.do?FID=00282"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.omron.com/global/en/inquiry/vulnerability_information/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "jpcert",
"organizationName": "JPCERT/CC"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Japan"
},
{
"shortName": "CSA",
"cnaID": "CNA-2024-0071",
"organizationName": "Cyber Security Agency of Singapore",
"scope": "Vulnerabilities reported to CSA unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "singcert@csa.gov.sg"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.csa.gov.sg/resources/singcert/csa-as-a-cve-numbering-authority--cna-"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.csa.gov.sg/alerts-advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"CERT"
]
},
"country": "Singapore"
},
{
"shortName": "LeicaBiosystems",
"cnaID": "CNA-2024-0072",
"organizationName": "Leica Biosystems",
"scope": "All Leica Biosystems products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "lbs.productsecurity@leicabiosystems.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.leicabiosystems.com/us/about/coordinated-vulnerability-disclosure-cvd-process/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.leicabiosystems.com/us/about/product-security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Neo4j",
"cnaID": "CNA-2024-0073",
"organizationName": "Neo4j",
"scope": "Neo4j products and Neo4j-maintained projects only, not including end-of-life components or products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@neo4j.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://neo4j.com/trust-center/responsible-disclosure/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://neo4j.com/security/advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "Sweden"
},
{
"shortName": "OnLogic",
"cnaID": "CNA-2024-0074",
"organizationName": "OnLogic",
"scope": "OnLogic issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "soc@onlogic.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://storage.googleapis.com/ls-public-web-content/Security/STORM-Cybersecurity%20Policy-Vulnerability%20Disclosure.pdf"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.onlogic.com/security-advisory/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "OB",
"cnaID": "CNA-2024-0075",
"organizationName": "OceanBase",
"scope": "OceanBase products only, not including end-of-life components or products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@oceanbase.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://en.oceanbase.com/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://github.com/oceanbase/oceanbase/issues"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "China"
},
{
"shortName": "Gridware",
"cnaID": "CNA-2024-0076",
"organizationName": "Gridware Cybersecurity",
"scope": "Gridware software, services, and infrastructure issues, as well as vulnerabilities discovered by or reported to Gridware researchers that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "ict.security@gridware.com.au"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.gridware.com.au/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.gridware.com.au/security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "redhat",
"organizationName": "Red Hat, Inc."
},
"type": [
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Australia"
},
{
"shortName": "BECDX",
"cnaID": "CNA-2024-0077",
"organizationName": "Beckman Coulter Diagnostics",
"scope": "Beckman Coulter Diagnostics manufactured products and technologies only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "ProductSecurity@beckman.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Omnissa",
"cnaID": "CNA-2024-0078",
"organizationName": "Omnissa, LLC",
"scope": "All Omnissa products and services, including Workspace ONE and Horizon.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@omnissa.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://static.omnissa.com/uploads/omnissa-external-vulnerability-response-and-remediation-policy.pdf"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.omnissa.com/omnissa-security-response/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "graphql-java",
"cnaID": "CNA-2024-0079",
"organizationName": "GraphQL Java",
"scope": "GraphQL Java, Java DataLoader, GraphQL Java Extended Scalars, and GraphQL Java Extended Validation.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@graphql-java.com"
}
],
"contact": [
{
"label": "Reporting a Vulnerability page",
"url": "https://github.com/graphql-java/graphql-java/security#reporting-a-vulnerability"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.graphql-java.com/security"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.graphql-java.com/security/#common-vulnerabilities-and-exposures-cves"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "redhat",
"organizationName": "Red Hat, Inc."
},
"type": [
"Vendor",
"Open Source"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Australia"
},
{
"shortName": "BECLS",
"cnaID": "CNA-2024-0080",
"organizationName": "Beckman Coulter Life Sciences",
"scope": "Beckman Coulter Life Sciences manufactured products and technologies only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "ProductSecurity@beckman.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.beckman.com/about-us/compliance/coordinated-vulnerability-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.beckman.com/about-us/compliance/coordinated-vulnerability-disclosure/product-security-updates"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Radiometer",
"cnaID": "CNA-2024-0081",
"organizationName": "Radiometer Medical ApS",
"scope": "Radiometer products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product.security@radiometer.dk"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.radiometer.com/en/about-radiometer/legal/coordinated-vulnerability-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.radiometer.com/en/myradiometer"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "Denmark"
},
{
"shortName": "Deltaww",
"cnaID": "CNA-2024-0082",
"organizationName": "Delta Electronics, Inc.",
"scope": "Delta Electronics products as listed on www.deltaww.com.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "Delta.PSIRT@deltaww.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.deltaww.com/en-US/information/Cybersecurity-Vulnerability-Management-Policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.deltaww.com/en-US/Cybersecurity_Advisory"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "Taiwan"
},
{
"shortName": "bizerba",
"cnaID": "CNA-2024-0083",
"organizationName": "Bizerba SE & Co. KG",
"scope": "Bizerba products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@bizerba.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.bizerba.com/int/en/family-owned-and-operated-company-since-1866/corporate-governance-acting-responsibly-globally/security-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.bizerba.com/us/en/family-owned-and-operated-company-since-1866/corporate-governance-acting-responsibly-globally/bizerba-security-information"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Germany"
},
{
"shortName": "iManage",
"cnaID": "CNA-2024-0084",
"organizationName": "iManage LLC",
"scope": "iManage issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "ProductVulnerability@imanage.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://docs.imanage.com/security/Vulnerability_Disclosure_Policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://docs.imanage.com/security/Security_Vulnerabilities.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "Automox",
"cnaID": "CNA-2024-0085",
"organizationName": "Automox Inc.",
"scope": "All products created by Automox.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "disclosures@automox.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.automox.com/platform/security/responsible-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.automox.com/platform/security/security-bulletin"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Hosted Service"
]
},
"country": "USA"
},
{
"shortName": "Delinea",
"cnaID": "CNA-2024-0086",
"organizationName": "Delinea, Inc.",
"scope": "Vulnerabilities in Delinea products or services listed on delinea.com, or vulnerabilities in third-party products or services discovered by or reported to Delinea, unless covered by the scope of another CNA.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@delinea.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://trust.delinea.com/?itemUid=56583ca0-6561-4cf3-a150-8c0c45d214cf"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://trust.delinea.com/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Hosted Service",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "CEP",
"cnaID": "CNA-2024-0087",
"organizationName": "Cepheid",
"scope": "Cepheid products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productsecurity@cepheid.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.cepheid.com/en-US/legal/product-security.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.cepheid.com/en-US/legal/product-security/product-security-updates.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "S21sec",
"cnaID": "CNA-2024-0088",
"organizationName": "S21sec Cyber Solutions by Thales",
"scope": "Vulnerabilities discovered by S21sec that are not within another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-coordination@s21sec.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.s21sec.com/CVEdisclosurepolicy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.s21sec.com/CVElist/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "THA-PSIRT",
"organizationName": "Thales Group"
},
"type": [
"Researcher"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Spain"
},
{
"shortName": "Roche",
"cnaID": "CNA-2024-0089",
"organizationName": "Roche Diagnostics",
"scope": "Roche’s medical technology products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "product.security@roche.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://diagnostics.roche.com/global/en/legal/vulnerability-and-incident-handling-policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://diagnostics.roche.com/global/en/legal/product-security-advisory.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "Switzerland"
},
{
"shortName": "MolDev",
"cnaID": "CNA-2025-0001",
"organizationName": "Molecular Devices",
"scope": "Molecular Devices products only as listed on moleculardevices.com/products.",
"contact": [
{
"email": [],
"contact": [
{
"label": "CVD Submission Contact and Process",
"url": "https://www.moleculardevices.com/coordinated-vulnerability-disclosure-policy"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.moleculardevices.com/coordinated-vulnerability-disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://support.moleculardevices.com/s/article/Molecular-Devices-Security-Advisory"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "SOCRadar",
"cnaID": "CNA-2025-0002",
"organizationName": "SOCRadar Cyber Intelligence Inc.",
"scope": "Vulnerabilities in SOCRadar products and services and vulnerabilities discovered by or reported to SOCRadar that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@socradar.io"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://socradar.io/security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://socradar.io/labs/cve-radar/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "PTC",
"cnaID": "CNA-2025-0003",
"organizationName": "PTC Inc.",
"scope": "All currently supported PTC software products and cloud/SaaS services.",
"contact": [
{
"email": [],
"contact": [
{
"label": "Vulnerability Reporting page",
"url": "https://www.ptc.com/documents/security/coordinated-vulnerability-disclosure"
}
],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.ptc.com/documents/security/coordinated-vulnerability-disclosure"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.ptc.com/en/about/trust-center/advisory-center"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "HemoCue",
"cnaID": "CNA-2025-0004",
"organizationName": "HemoCue AB",
"scope": "HemoCue branded products and technologies only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "productsecurity@hemocue.se"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://global.hemocue.com/product-security/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://global.hemocue.com/product-security/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "Sweden"
},
{
"shortName": "securepoint",
"cnaID": "CNA-2025-0005",
"organizationName": "Securepoint GmbH",
"scope": "Securepoint GmbH issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@securepoint.de"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.securepoint.de/disclosure-policy"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://wiki.securepoint.de/Advisory"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Germany"
},
{
"shortName": "Centreon",
"cnaID": "CNA-2025-0006",
"organizationName": "Centreon",
"scope": "All Centreon product issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@centreon.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://vdp.centreon.com/p/centreon-VDP"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://thewatch.centreon.com/latest-security-bulletins-64"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Open Source"
]
},
"country": "France"
},
{
"shortName": "ATIS",
"cnaID": "CNA-2025-0007",
"organizationName": "ATISoluciones Diseño de Sistemas Electrónicos, S.L.",
"scope": "AtiSoluciones products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve@atisoluciones.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.atisoluciones.com/politica-cve"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.atisoluciones.com/incidentes-cve"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "INCIBE",
"organizationName": "Spanish National Cybersecurity Institute, S.A. (INCIBE)"
},
"type": [
"Vendor"
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
]
},
"country": "Spain"
},
{
"shortName": "PangeaCyber",
"cnaID": "CNA-2025-0008",
"organizationName": "Pangea Cyber Corporation",
"scope": "All Pangea Cyber products and services, as well as vulnerabilities in third-party software that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@pangea.cloud"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://pangea.cloud/security/vdp"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://pangea.cloud/security/advisories"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor",
"Hosted Service",
"Researcher"
]
},
"country": "USA"
},
{
"shortName": "Softing",
"cnaID": "CNA-2025-0009",
"organizationName": "Softing",
"scope": "Softing issues only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "psirt@softing.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://company.softing.com/psirt.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://company.softing.com/psirt.html"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "Germany"
},
{
"shortName": "Danfoss",
"cnaID": "CNA-2025-0010",
"organizationName": "Danfoss",
"scope": "Danfoss products only.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@danfoss.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.danfoss.com/en/service-and-support/coordinated-vulnerability-disclosure/vulnerability-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.danfoss.com/en/service-and-support/coordinated-vulnerability-disclosure/danfoss-security-advisories/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "Denmark"
},
{
"shortName": "Saviynt",
"cnaID": "CNA-2025-0011",
"organizationName": "Saviynt Inc.",
"scope": "Vulnerabilities discovered in Saviynt products.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@saviynt.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://saviynt.com/saviynt-responsible-disclosure-policy/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://saviynt.com/trust-compliance-security"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "CPANSec",
"cnaID": "CNA-2025-0012",
"organizationName": "CPAN Security Group",
"scope": "Vulnerabilities in Perl and CPAN Modules (including End-of-Life Perl versions) found at https://perl.org, https://cpan.org, or https://metacpan.org/, excluding distributions of Perl or CPAN Modules maintained by third-party redistributors.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "cve-request@security.metacpan.org"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://security.metacpan.org/docs/cna-disclosure-policy.html"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://lists.security.metacpan.org/cve-announce/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "n/a",
"organizationName": "n/a"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "mitre",
"organizationName": "MITRE Corporation"
},
"type": [
"Open Source"
]
},
"country": "Canada"
},
{
"shortName": "IDT-DNA",
"cnaID": "CNA-2025-0013",
"organizationName": "Integrated DNA Technologies, Inc.",
"scope": "Vulnerabilities within IDT-manufactured products, software, and services that are in-service.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "ProductSecurity@idtdna.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://www.idtdna.com/pages/support/vulnerability-disclosure-process/"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.idtdna.com/pages/support/vulnerability-disclosure-process/known-vulnerabilities"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor"
]
},
"country": "USA"
},
{
"shortName": "TMUS",
"cnaID": "CNA-2025-0014",
"organizationName": "T-Mobile US",
"scope": "All T-Mobile US products (including end-of-life/end-of-service products), as well as vulnerabilities in third-party software/hardware discovered by T-Mobile US that are not in another CNA’s scope.",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@t-mobile.com"
}
],
"contact": [],
"form": []
}
],
"disclosurePolicy": [
{
"label": "Policy",
"language": "",
"url": "https://bugcrowd.com/engagements/t-mobile"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://t-mobile.github.io/"
}
]
},
"resources": [],
"CNA": {
"isRoot": false,
"root": {
"shortName": "icscert",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
},
"roles": [
{
"helpText": "",
"role": "CNA"
}
],
"TLR": {
"shortName": "CISA",
"organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
},
"type": [
"Vendor",
"Researcher"
]
},
"country": "USA"
}
]