Merge pull request #3406 from CVEProject/int

1/7/25 Release: INT to MAIN

Author: alinh-mitre

src/assets/data/CNAsList.json

@@ -3471,7 +3471,7 @@
         {
           "helpText": "",
           "role": "CNA"
-        }        
+        }
       ]
     },
     "country": "USA"
@@ -10596,10 +10596,10 @@
     "country": "Taiwan"
   },
   {
-    "shortName": "Thales",
+    "shortName": "THA-PSIRT",
     "cnaID": "CNA-2021-0045",
     "organizationName": "Thales Group",
-    "scope": "Thales branded products and technologies, products and technologies of subsidiaries of Thales Group, unless covered by the scope of another CNA as well as vulnerabilities in third-party software discovered by Thales Group and subsidiaries that are not in another CNA’s scope",
+    "scope": "<strong>Root Scope:</strong> Products and technologies of subsidiaries of Thales Group<br/><strong>CNA Scope:</strong> Thales branded products and technologies, products and technologies of subsidiaries of Thales Group, unless covered by the scope of another CNA as well as vulnerabilities in third-party software discovered by Thales Group and subsidiaries that are not in another CNA’s scope",
     "contact": [
       {
         "email": [
@@ -10637,18 +10637,26 @@
     "CNA": {
       "isRoot": false,
       "root": {
-        "shortName": "icscert",
-        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
+        "shortName": "n/a",
+        "organizationName": "n/a"
       },
+      "role": [
+        "Root",
+        "CNA"
+      ],
       "type": [
         "Vendor",
         "Researcher"
       ],
       "TLR": {
-        "shortName": "CISA",
-        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
       },
       "roles": [
+        {
+          "helpText": "",
+          "role": "Root"
+        },
         {
           "helpText": "",
           "role": "CNA"
@@ -24834,21 +24842,21 @@
     "CNA": {
       "isRoot": false,
       "root": {
-        "shortName": "n/a",
-        "organizationName": "n/a"
+        "shortName": "THA-PSIRT",
+        "organizationName": "Thales Group"
       },
-      "roles": [
-        {
-          "helpText": "",
-          "role": "CNA"
-        }
+      "type": [
+        "Researcher"
       ],
       "TLR": {
         "shortName": "mitre",
         "organizationName": "MITRE Corporation"
       },
-      "type": [
-        "Researcher"
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
       ]
     },
     "country": "Spain"
@@ -24908,5 +24916,174 @@
       ]
     },
     "country": "Switzerland"
+  },
+  {
+    "shortName": "MolDev",
+    "cnaID": "CNA-2025-0001",
+    "organizationName": "Molecular Devices",
+    "scope": "Molecular Devices products only as listed on <a href='https://www.moleculardevices.com/products' target='_blank'>moleculardevices.com/products</a>",
+    "contact": [
+      {
+        "email": [],
+        "contact": [
+          {
+            "label": "CVD Submission Contact and Process",
+            "url": "https://www.moleculardevices.com/coordinated-vulnerability-disclosure-policy"
+          }
+        ],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.moleculardevices.com/coordinated-vulnerability-disclosure-policy"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://support.moleculardevices.com/s/article/Molecular-Devices-Security-Advisory"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "icscert",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "CISA",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "USA"
+  },
+  {
+    "shortName": "SOCRadar",
+    "cnaID": "CNA-2025-0002",
+    "organizationName": "SOCRadar Cyber Intelligence Inc.",
+    "scope": "Vulnerabilities in SOCRadar products and services and vulnerabilities discovered by or reported to SOCRadar that are not in another CNA’s scope",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "security@socradar.io"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://socradar.io/security/"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://socradar.io/labs/cve-radar/"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "icscert",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "CISA",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
+      },
+      "type": [
+        "Vendor",
+        "Researcher"
+      ]
+    },
+    "country": "USA"
+  },
+  {
+    "shortName": "PTC",
+    "cnaID": "CNA-2025-0003",
+    "organizationName": "PTC Inc.",
+    "scope": "All currently supported PTC software products and cloud/SaaS services",
+    "contact": [
+      {
+        "email": [],
+        "contact": [
+          {
+            "label": "Vulnerability Reporting page",
+            "url": "https://www.ptc.com/documents/security/coordinated-vulnerability-disclosure"
+          }
+        ],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.ptc.com/documents/security/coordinated-vulnerability-disclosure"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://www.ptc.com/en/about/trust-center/advisory-center"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "icscert",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "CISA",
+        "organizationName": "Cybersecurity and Infrastructure Security Agency (CISA)"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "USA"
   }
 ]

src/assets/data/events.json

@@ -34,7 +34,7 @@
       "displayOnHomepageOrder": 1,
       "title": "CVE/FIRST VulnCon 2025",
       "location": "Raleigh, North Carolina, USA & Virtual",
-      "description": "VulnCon 2025 is co-sponsored by the <a href='/'>CVE Program</a> and <a href='https://www.first.org/' target='_blank'>FIRST</a> and is open to the public.<br/><br/><strong>SPECIAL MESSAGE FOR CVE NUMBERING AUTHORITIES (CNAs)</strong>:<br/><i>VulnCon 2025 takes the place of this year’s Spring CVE Global Summit.</i><br/><br/><strong>Call for Papers</strong>:<br/>Open until January 31, 2025. Details <a href='https://www.first.org/conference/vulncon2025/cfp' target='_blank'>here</a>.<br/><br/> <strong>Registration</strong>:<br/>Now open. Details <a href='https://www.first.org/conference/vulncon2025/#Registration-Information' target='_blank'>here</a>.<br/><ul><li>Standard Admission (by March 9, 2025): US $300.00</li><li>Late Rate Admission (after March 9, 2025): US $375.00</li><li>Virtual Admission: US $100.00</li></ul>Registration fees include four days of coffee breaks and buffet lunches, one networking reception hosted at the McKimmon Center, and applicable meeting materials. Note that discounted rates are not being offered for this event regardless of membership or speaking status.<br/><br/>An After Party will be tentatively hosted off-site with tickets to be sold separately. More information to come. Tickets will cost US $25.00.<br/><br/><strong>Program Overview</strong>:<br/>* Day 1: Monday, April 7 &mdash; TBA<br/>* Day 2: Tuesday, April 8 &mdash; TBA<br/>* Day 3: Wednesday, April 9 &mdash; TBA <br/>* Day 4: Thursday, April 10 &mdash; TBA<br/><br/><strong>Agenda</strong>:<br/> TBA<br/><br/><strong>Venue</strong>:<br/><a href='https://facilities.ofa.ncsu.edu/building/mck/' target='_blank'>McKimmon Center,<br/>North Carolina State University</a>,<br/>1101 Gorman St.,<br/> Raleigh, North Carolina 27606<br/>USA<br/><br/><strong>Purpose</strong>:<br/>The purpose of <a href='https://www.first.org/conference/vulncon2025/' target='_blank'>VulnCon</a> is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken back to individual programs for action to benefit the vulnerability management ecosystem.<br/><br/>A key goal of the conference is to understand what important stakeholders and programs are doing within the vulnerability management ecosystem and best determine how to benefit the ecosystem broadly.",
+      "description": "VulnCon 2025 is co-sponsored by the <a href='/'>CVE Program</a> and <a href='https://www.first.org/' target='_blank'>FIRST</a> and is open to the public.<br/><br/><strong>SPECIAL MESSAGE FOR CVE NUMBERING AUTHORITIES (CNAs)</strong>:<br/><i>VulnCon 2025 takes the place of this year’s Spring CVE Global Summit.</i><br/><br/><strong>Call for Papers</strong>:<br/>Open until January 15, 2025. Details <a href='https://www.first.org/conference/vulncon2025/cfp' target='_blank'>here</a>.<br/><br/> <strong>Registration</strong>:<br/>Now open. Details <a href='https://www.first.org/conference/vulncon2025/#Registration-Information' target='_blank'>here</a>.<br/><ul><li>Standard Admission (by March 9, 2025): US $300.00</li><li>Late Rate Admission (after March 9, 2025): US $375.00</li><li>Virtual Admission: US $100.00</li></ul>Registration fees include four days of coffee breaks and buffet lunches, one networking reception hosted at the McKimmon Center, and applicable meeting materials. Note that discounted rates are not being offered for this event regardless of membership or speaking status.<br/><br/>An After Party will be tentatively hosted off-site with tickets to be sold separately. More information to come. Tickets will cost US $25.00.<br/><br/><strong>Program Overview</strong>:<br/>* Day 1: Monday, April 7 &mdash; TBA<br/>* Day 2: Tuesday, April 8 &mdash; TBA<br/>* Day 3: Wednesday, April 9 &mdash; TBA <br/>* Day 4: Thursday, April 10 &mdash; TBA<br/><br/><strong>Agenda</strong>:<br/> TBA<br/><br/><strong>Venue</strong>:<br/><a href='https://facilities.ofa.ncsu.edu/building/mck/' target='_blank'>McKimmon Center,<br/>North Carolina State University</a>,<br/>1101 Gorman St.,<br/> Raleigh, North Carolina 27606<br/>USA<br/><br/><strong>Purpose</strong>:<br/>The purpose of <a href='https://www.first.org/conference/vulncon2025/' target='_blank'>VulnCon</a> is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken back to individual programs for action to benefit the vulnerability management ecosystem.<br/><br/>A key goal of the conference is to understand what important stakeholders and programs are doing within the vulnerability management ecosystem and best determine how to benefit the ecosystem broadly.",
       "permission": "public",
       "url": "https://www.first.org/conference/vulncon2025/",
       "date": {

src/assets/data/metrics.json

@@ -1124,6 +1124,59 @@
     }
   ],
   "cnasAddedByYear": [
+    {
+      "year": "2025",
+      "data": [
+        {
+          "month": "January",
+          "value": "3"
+        },
+        {
+          "month": "February",
+          "value": "TBA"
+        },
+        {
+          "month": "March",
+          "value": "TBA"
+        },
+        {
+          "month": "April",
+          "value": "TBA"
+        },
+        {
+          "month": "May",
+          "value": "TBA"
+        },
+        {
+          "month": "June",
+          "value": "TBA"
+        },
+        {
+          "month": "July",
+          "value": "TBA"
+        },
+        {
+          "month": "August",
+          "value": "TBA"
+        },
+        {
+          "month": "September",
+          "value": "TBA"
+        },
+        {
+          "month": "October",
+          "value": "TBA"
+        },
+        {
+          "month": "November",
+          "value": "TBA"
+        },
+        {
+          "month": "December",
+          "value": "TBA"
+        }
+      ]
+    },
     {
       "year": "2024",
       "data": [

src/assets/data/navigation.json

@@ -4,6 +4,7 @@
     "label": "About",
     "path": "About",
     "primaryNavPath": "/About/Overview",
+    "primarySubmenu": true,
     "submenu": {
       "Overview": {
         "id": "1.0",
@@ -107,6 +108,7 @@
     "label": "Partner Information",
     "path": "PartnerInformation",
     "primaryNavPath": "/PartnerInformation/Partner",
+    "primarySubmenu": true,
     "submenu": {
       "Partner": {
         "id": "2.0",
@@ -147,6 +149,7 @@
     "label": "Program Organization",
     "path": "ProgramOrganization",
     "primaryNavPath": "/ProgramOrganization/Structure",
+    "primarySubmenu": true,
     "submenu": {
       "Structure": {
         "id": "3.0",
@@ -264,6 +267,7 @@
       "label": "CVE List Downloads",
       "path": "Downloads",
       "primaryNavPath": "/Downloads",
+      "primarySubmenu": false,
       "submenu": {
         "Downloads": {
           "submenu": {
@@ -286,6 +290,7 @@
     "label": "Resources & Support",
     "path": "ResourcesSupport",
     "primaryNavPath": "/ResourcesSupport/Resources",
+    "primarySubmenu": true,
     "submenu": {
       "Resources": {
         "id": "5.0",
@@ -505,6 +510,7 @@
       "label": "Report/Request",
       "path": "ReportRequest",
       "primaryNavPath": "/ReportRequest/ReportRequestForNonCNAs",
+      "primarySubmenu": true,
       "submenu": {
         "CNAs": {
           "id": "8.0",
@@ -531,4 +537,4 @@
       }
     }
   }
-}
+}