Colleagues, The CVE Program is happy to announce six (6) new CNAs:
Organization Name: KrakenD, S.L. Org Short Name: KrakenD Organization Location: Spain Scope: KrakenD EE, KrakenD CE, and Lura issues only. Root: INCIBE Top-Level Root: MITRE Disclosure Policy location: https://www.krakend.io/security-policy/ Advisory location: https://www.krakend.io/tags/security/ Public point of contact: secur...@krakend.io<mailto:secur...@krakend.io> CNA Type: Vendors and Projects Organization Name: senhasegura Org Short Name: senhasegura Organization Location: Brazil Scope: Vulnerabilities in senhasegura products, and other vulnerabilities discovered by senhasegura that are not in another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://docs.senhasegura.io/security-guidance/ Advisory location: https://docs.senhasegura.io/security-center-advisories/ Public point of contact: c...@senhasegura.com<mailto:c...@senhasegura.com> CNA Type: Vendors and Projects, Vulnerability Researchers Organization Name: Seagate Technology Org Short Name: Seagate Organization Location: USA Scope: Any Seagate or LaCie software or hardware, open or closed source, supported and end of life, as well as any vulnerabilities in third-party software discovered by Seagate that are not in another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://www.seagate.com/legal-privacy/responsible-vulnerability-disclosure-policy/ Advisory location: https://www.seagate.com/support/security/ Public point of contact: ps...@seagate.com<mailto:ps...@seagate.com> CNA Type: Vendors and Projects, Vulnerability Researchers Organization Name: Green Rocket Security Inc. Org Short Name: GreenRocketSecurity Organization Location: Scope: Green Rocket Security products including EOL unless covered by another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://greenrocketsecurity.com/disclosure-policy/ Advisory location: https://www.greenrocketsecurity.com/resources/security-updates/ Public point of contact: i...@greenrocketsecurity.com<mailto:i...@greenrocketsecurity.com> CNA Type: Vendors and Projects Organization Name: OpenCloudOS Community Org Short Name: OpenCloudOS Organization Location: China Scope: OpenCloud OS issues only, not including EOL products, unless covered by another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://www.opencloudos.org/?page_id=6988 Advisory location: https://www.opencloudos.org/?page_id=573 Public point of contact: secur...@opencloudos.tech<mailto:secur...@opencloudos.tech> CNA Type: Vendors and Projects Organization Name: HashiCorp Inc. Org Short Name: HashiCorp Organization Location: USA Scope: All HashiCorp products and projects unless covered by another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://www.hashicorp.com/security Advisory location: https://discuss.hashicorp.com/c/security/52 Public point of contact: secur...@hashicorp.com<mailto:secur...@hashicorp.com> CNA Type: Vendors and Projects Total Partners: 250 Total Countries: 35 Respectfully, CVE Program Secretariat cve-prog-secretar...@mitre.org<mailto:cve-prog-secretar...@mitre.org> [A picture containing text, clipart Description automatically generated]