Merge pull request #3265 from CVEProject/int-main

update main with int-main

Author: ann-linh-mitre

src/assets/data/CNAsList.json

@@ -4297,15 +4297,15 @@
       {
         "label": "Policy",
         "language": "",
-        "url": "https://www.johnsoncontrols.com/buildings/specialty-pages/product-security/vulnerability-reporting-and-disclosure"
+        "url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/response#CoordinatedDisclosure"
       }
     ],
     "securityAdvisories": {
       "alerts": [],
       "advisories": [
         {
           "label": "Advisories",
-          "url": "https://www.johnsoncontrols.com/buildings/specialty-pages/product-security/security-advisories"
+          "url": "https://www.johnsoncontrols.com/trust-center/cybersecurity/security-advisories"
         }
       ]
     },
@@ -24003,5 +24003,229 @@
       ]
     },
     "country": "Sweden"
+  },
+  {
+    "shortName": "OnLogic",
+    "cnaID": "CNA-2024-0074",
+    "organizationName": "OnLogic",
+    "scope": "OnLogic issues only",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "soc@onlogic.com"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://storage.googleapis.com/ls-public-web-content/Security/STORM-Cybersecurity%20Policy-Vulnerability%20Disclosure.pdf"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://support.onlogic.com/security-advisory/"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "n/a",
+        "organizationName": "n/a"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "USA"
+  },
+  {
+    "shortName": "OB",
+    "cnaID": "CNA-2024-0075",
+    "organizationName": "OceanBase",
+    "scope": "OceanBase products only, not including end-of-life components or products",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "security@oceanbase.com"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://en.oceanbase.com/security"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://github.com/oceanbase/oceanbase/issues"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "n/a",
+        "organizationName": "n/a"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "China"
+  },
+  {
+    "shortName": "Gridware",
+    "cnaID": "CNA-2024-0076",
+    "organizationName": "Gridware Cybersecurity",
+    "scope": "Gridware software, services, and infrastructure issues, as well as vulnerabilities discovered by or reported to Gridware researchers that are not in another CNA’s scope",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "ict.security@gridware.com.au"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.gridware.com.au/vulnerability-disclosure-policy/"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://www.gridware.com.au/security-advisories/"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "redhat",
+        "organizationName": "Red Hat, Inc."
+      },
+      "type": [
+        "Researcher"
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ]
+    },
+    "country": "Australia"
+  },
+  {
+    "shortName": "BECDX",
+    "cnaID": "CNA-2024-0077",
+    "organizationName": "Beckman Coulter Diagnostics",
+    "scope": "Beckman Coulter Diagnostics manufactured products and technologies only",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "ProductSecurity@beckman.com"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "icscert",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "CISA",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "USA"
   }
 ]

src/assets/data/metrics.json

@@ -1169,7 +1169,7 @@
         },
         {
           "month": "November",
-          "value": "1"
+          "value": "5"
         },
         {
           "month": "December",

src/assets/data/news.json

@@ -1,5 +1,85 @@
 {
   "currentNews": [
+    {
+      "id": 439,
+      "newsType": "news",
+      "title": "Beckman Coulter Diagnostics Added as CVE Numbering Authority (CNA)",
+      "urlKeywords": "Beckman Coulter Diagnostics Added as CNA",
+      "date": "2024-11-12",
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='/PartnerInformation/ListofPartners/partner/BECDX'>Beckman Coulter Diagnostics</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for Beckman Coulter Diagnostics manufactured products and technologies only."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "To date, <a href='/PartnerInformation/ListofPartners'>420 CNAs</a> (418 CNAs and 2 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>40 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Beckman Coulter Diagnostics is the 227th CNA from USA."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Beckman Coulter Diagnostics’ Root is the <a href='/PartnerInformation/ListofPartners/partner/icscert'>Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS) Root</a>."
+        }
+      ]
+    },
+    {
+      "id": 438,
+      "newsType": "news",
+      "title": "Gridware Cybersecurity Added as CVE Numbering Authority (CNA)",
+      "urlKeywords": "Gridware Cybersecurity Added as CNA",
+      "date": "2024-11-12",
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='/PartnerInformation/ListofPartners/partner/Gridware'>Gridware Cybersecurity</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for Gridware software, services, and infrastructure issues, as well as vulnerabilities discovered by or reported to Gridware researchers that are not in another CNA’s scope."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "To date, <a href='/PartnerInformation/ListofPartners'>419 CNAs</a> (417 CNAs and 2 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>40 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Gridware is the 7th CNA from Australia."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Gridware’s Root is the <a href='/PartnerInformation/ListofPartners/partner/redhat'>Red Hat Root</a>."
+        }
+      ]
+    },
+    {
+      "id": 437,
+      "newsType": "news",
+      "title": "OceanBase Added as CVE Numbering Authority (CNA)",
+      "urlKeywords": "OceanBase Added as CNA",
+      "date": "2024-11-12",
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='/PartnerInformation/ListofPartners/partner/OB'>OceanBase</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for OceanBase products only, not including end-of-life components or products."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "To date, <a href='/PartnerInformation/ListofPartners'>418 CNAs</a> (416 CNAs and 2 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>40 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. OceanBase is the 23rd CNA from China."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "OceanBase’s Root is the <a href='/PartnerInformation/ListofPartners/partner/mitre'>MITRE Top-Level Root</a>."
+        }
+      ]
+    },
+    {
+      "id": 436,
+      "newsType": "news",
+      "title": "Minutes from CVE Board Teleconference Meeting on October 16 Now Available",
+      "urlKeywords": "CVE Board Minutes from October 16",
+      "date": "2024-11-12",
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "The <a href='/ProgramOrganization/Board'>CVE Board</a> held a teleconference meeting on October 16, 2024. Read the <a href='https://cve.mitre.org/community/board/meeting_summaries/16_October_2024.pdf' target='_blank'>meeting minutes summary</a>."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "The CVE Board is the organization responsible for the strategic direction, governance, operational structure, policies, and rules of the CVE Program. The Board includes members from numerous cybersecurity-related organizations including commercial security tool vendors, academia, research institutions, government departments and agencies, and other prominent security experts, as well as end-users of vulnerability information."
+        }
+      ]
+    },
     {
       "id": 435,
       "newsType": "news",