You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I used the cve.org CVE Record search to search for CVE-2024-52600. Because there is an obvious mistake in the product name (it is shown as both "Statmatic" and "statamic"), I decided to look for the contact information for the CNA. Both the search results and the CVE Record detail page have the correct CNA name, which is "GitHub (Maintainer Security Advisories)"
Then I went to the https://www.cve.org/PartnerInformation/ListofPartners page, which has its own Search field. There are many partners that match the search term GitHub, so I chose the search term "maintainer" (without the quotes) instead, and the outcome was
"scope": "CVEs requested by code owners using the GitHub Security Advisories feature and vulnerabilities affecting open source projects discovered by security researchers at GitHub or Microsoft not covered by another CNA’s scope",
I feel that it would be better if there were a direct correspondence between the CNA names shown for CVE Records (in search results and on CVE Record detail pages) and the CNA names shown in organizationName fields.
The text was updated successfully, but these errors were encountered:
I used the cve.org CVE Record search to search for CVE-2024-52600. Because there is an obvious mistake in the product name (it is shown as both "Statmatic" and "statamic"), I decided to look for the contact information for the CNA. Both the search results and the CVE Record detail page have the correct CNA name, which is "GitHub (Maintainer Security Advisories)"
Then I went to the https://www.cve.org/PartnerInformation/ListofPartners page, which has its own Search field. There are many partners that match the search term GitHub, so I chose the search term "maintainer" (without the quotes) instead, and the outcome was
This seems to be caused by:
cve-website/src/assets/data/CNAsList.json
Lines 3241 to 3242 in 296381b
I feel that it would be better if there were a direct correspondence between the CNA names shown for CVE Records (in search results and on CVE Record detail pages) and the CNA names shown in organizationName fields.
The text was updated successfully, but these errors were encountered: