all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

OpenSSF Publishes Guide to Becoming a CVE Numbering Authority (CNA) as an Open Source Project

Add to bookmarks
Dec. 21, 2023, 11:30 p.m. | CVE Program Blog

Stories by CVE Program Blog on Medium medium.com

Open Source Security Foundation (OpenSSF) published a new guide entitled “OpenSSF Guide for Open Source Projects: Becoming a CVE Numbering Authority” on November 27, 2023, on the OpenSSF website.

The purpose of the guide is to encourage open source projects to assign CVE Identifiers (CVE IDs) and publish CVE Records for their vulnerabilities, and to show how easy it is to do so as a CVE Numbering Authority (CNA).

The authors state: “For projects whose needs …

authority cve cybersecurity foundation github guide ids information security information technology november open source open source security open source security foundation openssf project projects purpose security security foundation website

Visit resource

More from medium.com / Stories by CVE Program Blog on Medium

New CVE Record Format Enables Additional Data Fields at Time of Disclosure 21 hours ago | medium.com
cve cybersecurity data disclosure +14
We Speak CVE Podcast — “Meet the 3 New CVE Board Members” 2 weeks, 3 days ago | medium.com
cybersecurity information security information technology vulnerability +1
Our CVE Story: Ericsson’s Journey as a CVE Numbering Authority (CNA) 3 weeks, 4 days ago | medium.com
authority authors cna cve +26
We Speak CVE Podcast — “CVE Records States and Tags” 1 month ago | medium.com
cybersecurity information security information technology vulnerability +1
Get Ready for “CVE/FIRST VulnCon 2024” on March 25–27, 2024! 1 month, 1 week ago | medium.com
carolina center cve cybersecurity +18
CVE Program Report for Quarter 4 Calendar Year (Q4 CY) 2023 1 month, 1 week ago | medium.com
cybersecurity information security information technology vulnerability +1
Phase 3 of Legacy CVE Download Formats Deprecation Now Underway 1 month, 3 weeks ago | medium.com
april csv cve cybersecurity +14
Public Review Period for “CNA Operational Rules” Document Open March 6–20 1 month, 3 weeks ago | medium.com
authority cna community cve +15
“CVE/FIRST VulnCon 2024” Registration Closing on March 11, 2024 1 month, 3 weeks ago | medium.com
carolina center conference cve +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Researcher, SIEM

@ Huntress | Remote Canada
View on infosec-jobs.com

Senior Application Security Engineer

@ Revinate | San Francisco Bay Area
View on infosec-jobs.com

Cyber Security Manager

@ American Express Global Business Travel | United States - New York - Virtual Location
View on infosec-jobs.com

Incident Responder Intern

@ Bentley Systems | Remote, PA, US
View on infosec-jobs.com

SC2024-003533 Senior Online Vulnerability Assessment Analyst (CTS) - THU 9 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com
View more jobs