Merge pull request #3496 from CVEProject/int

3/11/25 Release: INT to MAIN

Author: jdaigneau5

src/assets/data/CNAsList.json

@@ -12368,16 +12368,16 @@
       "country": "USA"
   },
   {
-    "shortName": "GE_GP",
+    "shortName": "GE_Vernova",
     "cnaID": "CNA-2022-0009",
-    "organizationName": "General Electric (Gas Power)",
-    "scope": "GE (Gas Power) issues only.",
+    "organizationName": "GE Vernova",
+    "scope": "All GE Vernova products.",
     "contact": [
       {
         "email": [
           {
             "label": "Email",
-            "emailAddr": "GEPowerCVD@ge.com"
+            "emailAddr": "GEV.PSIRT@ge.com"
           }
         ],
         "contact": [],
@@ -12388,15 +12388,15 @@
       {
         "label": "Policy",
         "language": "",
-        "url": "https://www.ge.com/gas-power/products/digital-and-controls/cybersecurity/vulnerability-response"
+        "url": "https://www.gevernova.com/gas-power/products/digital-and-controls/cybersecurity/vulnerability-response"
       }
     ],
     "securityAdvisories": {
       "alerts": [],
       "advisories": [
         {
           "label": "Advisories",
-          "url": "https://www.ge.com/gas-power/products/digital-and-controls/cybersecurity/security-advisories"
+          "url": "https://www.gevernova.com/gas-power/products/digital-and-controls/cybersecurity/security-advisories"
         }
       ]
     },
@@ -12969,8 +12969,8 @@
       "advisories": [
         {
           "label": "Advisories",
-          "url": "https://gitee.com/opengauss/security"
-        }                
+          "url": "https://opengauss.org/en/security-advisories/"
+        }
       ]
     },
     "resources": [],
@@ -13531,7 +13531,7 @@
       {
         "label": "Policy",
         "language": "",
-        "url": "https://www.opennms.com/contact/"
+        "url": "https://www.opennms.com/security/"
       }
     ],
     "securityAdvisories": {
@@ -18738,15 +18738,15 @@
       {
         "label": "Policy",
         "language": "",
-        "url": "https://github.com/chipsalliance/Caliptra/security"
+        "url": "https://github.com/chipsalliance/Caliptra/security/policy"
       }
     ],
     "securityAdvisories": {
       "alerts": [],
       "advisories": [
         {
           "label": "Advisories",
-          "url": "https://github.com/chipsalliance/Caliptra/security"
+          "url": "https://github.com/chipsalliance/Caliptra/security/advisories"
         }
       ]
     },
@@ -25493,7 +25493,7 @@
     "shortName": "Saviynt",
     "cnaID": "CNA-2025-0011",
     "organizationName": "Saviynt Inc.",
-    "scope": "Vulnerabilities discovered in Saviynt products or vulnerabilities reported to Saviynt Labs that are not in another CNA’s scope.",
+    "scope": "Vulnerabilities discovered in Saviynt products.",
     "contact": [
       {
         "email": [
@@ -25600,5 +25600,118 @@
       ]
     },
     "country": "Canada"
+  },
+  {
+    "shortName": "IDT-DNA",
+    "cnaID": "CNA-2025-0013",
+    "organizationName": "Integrated DNA Technologies, Inc.",
+    "scope": "Vulnerabilities within IDT-manufactured products, software, and services that are in-service.",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "ProductSecurity@idtdna.com"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.idtdna.com/pages/support/vulnerability-disclosure-process/"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://www.idtdna.com/pages/support/vulnerability-disclosure-process/known-vulnerabilities"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "icscert",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "CISA",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "USA"
+  },
+  {
+    "shortName": "TMUS",
+    "cnaID": "CNA-2025-0014",
+    "organizationName": "T-Mobile US",
+    "scope": "All T-Mobile US products (including end-of-life/end-of-service products), as well as vulnerabilities in third-party software/hardware discovered by T-Mobile US that are not in another CNA’s scope.",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "security@t-mobile.com"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://bugcrowd.com/engagements/t-mobile"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://t-mobile.github.io/"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "icscert",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "CISA",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
+      },
+      "type": [
+        "Vendor",
+        "Researcher"
+      ]
+    },
+    "country": "USA"
   }
 ]

src/assets/data/events.json

@@ -34,7 +34,7 @@
       "displayOnHomepageOrder": 1,
       "title": "CVE/FIRST VulnCon 2025",
       "location": "Raleigh, North Carolina, USA & Virtual",
-      "description": "VulnCon 2025 is co-sponsored by the <a href='/'>CVE Program</a> and <a href='https://www.first.org/' target='_blank'>FIRST</a> and is open to the public.<br/><br/><strong>SPECIAL MESSAGE FOR CVE NUMBERING AUTHORITIES (CNAs)</strong>:<br/><i>VulnCon 2025 takes the place of this year’s Spring CVE Global Summit.</i><br/><br/><strong>Registration</strong>:<br/>Now open. Details <a href='https://www.first.org/conference/vulncon2025/#Registration-Information' target='_blank'>here</a>.<br/><ul><li>Standard Admission (by March 9, 2025): US $300.00</li><li>Late Rate Admission (after March 9, 2025): US $375.00</li><li>Virtual Admission: US $100.00</li></ul>Registration fees include four days of coffee breaks and buffet lunches, one networking reception hosted at the McKimmon Center, and applicable meeting materials. Note that discounted rates are not being offered for this event regardless of membership or speaking status.<br/><br/>An offsite social event is planned for Tuesday, April 8, from 19:00-21:00 in downtown Raleigh. Location to be announced in January. You may purchase a ticket during your main registration or access a separate purchase form link found in your registration email confirmation. Tickets are US $30.00 per person.<br/><br/><strong>Program Overview</strong>:<br/>* <strong>Monday, April 7</strong> &mdash; Training Day 1, Vendor Tables, Welcome Reception<br/>* <strong>Tuesday, April 8</strong> &mdash; Training Day 2, Vendor Tables, Off-site Social Event<br/>* <strong>Wednesday, April 9</strong> &mdash; Plenary, Breakouts, Vendor Tables<br/>* <strong>Thursday, April 10</strong> &mdash; Plenary, Breakouts, Vendor Tables<br/><br/><strong>Agenda</strong>:<br/> A detailed agenda will be available in March 2025.<br/><br/><strong>Venue</strong>:<br/><a href='https://facilities.ofa.ncsu.edu/building/mck/' target='_blank'>McKimmon Center,<br/>North Carolina State University</a>,<br/>1101 Gorman St.,<br/> Raleigh, North Carolina 27606<br/>USA<br/><br/><strong>Call for Papers</strong>:<br/>Closed on January 31, 2025. Details <a href='https://www.first.org/conference/vulncon2025/cfp' target='_blank'>here</a>.<br/><br/><strong>Purpose</strong>:<br/>The purpose of <a href='https://www.first.org/conference/vulncon2025/' target='_blank'>VulnCon</a> is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken back to individual programs for action to benefit the vulnerability management ecosystem.<br/><br/>A key goal of the conference is to understand what important stakeholders and programs are doing within the vulnerability management ecosystem and best determine how to benefit the ecosystem broadly.",
+      "description": "VulnCon 2025 is co-sponsored by the <a href='/'>CVE Program</a> and <a href='https://www.first.org/' target='_blank'>FIRST</a> and is open to the public.<br/><br/><strong>SPECIAL MESSAGE FOR CVE NUMBERING AUTHORITIES (CNAs)</strong>:<br/><i>VulnCon 2025 takes the place of this year’s Spring CVE Global Summit.</i><br/><br/><strong>Agenda</strong>:<br/> Available <a href='https://www.first.org/conference/vulncon2025/program' target='_blank'>here</a>.<br/><br/><strong>Registration</strong>:<br/>Open. Details <a href='https://www.first.org/conference/vulncon2025/#Registration-Information' target='_blank'>here</a>.<br/><ul><li>Standard Admission (by March 15, 2025): US $300.00</li><li>Late Rate Admission (after March 15, 2025): US $375.00</li><li>Virtual Admission: US $100.00</li></ul>Registration fees include four days of coffee breaks and buffet lunches, one networking reception hosted at the McKimmon Center, and applicable meeting materials. Note that discounted rates are not being offered for this event regardless of membership or speaking status.<br/><br/>An offsite social event is planned for Tuesday, April 8, from 19:00-21:00 in downtown Raleigh. Location to be announced in January. You may purchase a ticket during your main registration or access a separate purchase form link found in your registration email confirmation. Tickets are US $30.00 per person.<br/><br/><strong>Program Overview</strong>:<br/>* Day 1: Monday, April 7 &mdash; Plenary, Vendor Tables, Welcome Reception<br/>* Day 2: Tuesday, April 8 &mdash; Plenary, Vendor Tables, Off-site Social Event<br/>* Day 3: Wednesday, April 9 &mdash; Plenary, Breakouts, Vendor Tables<br/>* Day 4: Thursday, April 10 &mdash; Plenary, Breakouts, Vendor Tables<br/><br/><strong>Venue</strong>:<br/><a href='https://facilities.ofa.ncsu.edu/building/mck/' target='_blank'>McKimmon Center,<br/>North Carolina State University</a>,<br/>1101 Gorman St.,<br/> Raleigh, North Carolina 27606<br/>USA<br/><br/><strong>Call for Papers</strong>:<br/>Closed on January 31, 2025. Details <a href='https://www.first.org/conference/vulncon2025/cfp' target='_blank'>here</a>.<br/><br/><strong>Purpose</strong>:<br/>The purpose of <a href='https://www.first.org/conference/vulncon2025/' target='_blank'>VulnCon</a> is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken back to individual programs for action to benefit the vulnerability management ecosystem.<br/><br/>A key goal of the conference is to understand what important stakeholders and programs are doing within the vulnerability management ecosystem and best determine how to benefit the ecosystem broadly.",
       "permission": "public",
       "url": "https://www.first.org/conference/vulncon2025/",
       "date": {

src/assets/data/metrics.json

@@ -1137,7 +1137,7 @@
         },
         {
           "month": "March",
-          "value": "TBA"
+          "value": "2"
         },
         {
           "month": "April",