Colleagues, The CVE Program is happy to announce two (2) new CNAs: Organization Name: Ericsson Org Short Name: ERIC Organization Location: Sweden Scope: Ericsson issues only. Top-Level Root: MITRE Disclosure Policy location: https://www.ericsson.com/en/about-us/security/ericsson-product-security-and-vulnerability-disclosure-policy Advisory location: https://www.ericsson.com/en/about-us/security/security-bulletins Public point of contact: ps...@ericsson.com<mailto:ps...@ericsson.com> CNA Type: Vendor Organization Name: Sonatype Inc. Org Short Name: Sonatype Organization Location: USA Scope: All Sonatype products and vulnerabilities in third-party software discovered by Sonatype that are not in another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://help.sonatype.com/repomanager3/product-information/repository-security-vulnerabilities Advisory location: https://support.sonatype.com/hc/en-us/sections/203012668-Security-Advisories Public point of contact: secur...@sonatype.com<mailto:secur...@sonatype.com> CNA Type: Vendor, Researcher
Total CNAs: 355 CNAs (353 CNAs and 2 CNA-LRs) Total Countries: 39 (+ 1 no country affiliation) Respectfully, CVE Program Secretariat cve-prog-secretar...@mitre.org<mailto:cve-prog-secretar...@mitre.org> [A picture containing text, clipart Description automatically generated]
