all InfoSec news
OpenSSF Publishes Guide to Becoming a CVE Numbering Authority (CNA) as an Open Source Project
Stories by CVE Program Blog on Medium medium.com
Open Source Security Foundation (OpenSSF) published a new guide entitled “OpenSSF Guide for Open Source Projects: Becoming a CVE Numbering Authority” on November 27, 2023, on the OpenSSF website.
The purpose of the guide is to encourage open source projects to assign CVE Identifiers (CVE IDs) and publish CVE Records for their vulnerabilities, and to show how easy it is to do so as a CVE Numbering Authority (CNA).
The authors state: “For projects whose needs …
authority cve cybersecurity foundation github guide ids information security information technology november open source open source security open source security foundation openssf project projects purpose security security foundation website