Skip to content

Commit

Permalink
Merge pull request #3178 from CVEProject/test
Browse files Browse the repository at this point in the history
update main with Test
  • Loading branch information
athu-tran authored Oct 15, 2024
2 parents 21df09b + fcd4a0d commit 4c1be22
Show file tree
Hide file tree
Showing 8 changed files with 134 additions and 22 deletions.
10 changes: 5 additions & 5 deletions src/assets/data/CNAsList.json
Original file line number Diff line number Diff line change
Expand Up @@ -7477,7 +7477,7 @@
"email": [
{
"label": "Email",
"emailAddr": "cybersecurity@se.com"
"emailAddr": "cpcert@se.com"
}
],
"contact": [
Expand Down Expand Up @@ -9231,14 +9231,14 @@
{
"shortName": "vmware",
"cnaID": "CNA-2016-0025",
"organizationName": "VMware",
"organizationName": "VMware by Broadcom",
"scope": "VMware, Spring, and Cloud Foundry issues only",
"contact": [
{
"email": [
{
"label": "Email",
"emailAddr": "security@vmware.com"
"emailAddr": "vmware.psirt@broadcom.com"
}
],
"contact": [],
Expand All @@ -9249,15 +9249,15 @@
{
"label": "Policy",
"language": "",
"url": "https://www.vmware.com/support/policies/security_response.html"
"url": "https://www.broadcom.com/support/vmware-services/security-response"
}
],
"securityAdvisories": {
"alerts": [],
"advisories": [
{
"label": "Advisories",
"url": "https://www.vmware.com/security/advisories.html"
"url": "https://www.broadcom.com/support/vmware-security-advisories"
}
]
},
Expand Down
24 changes: 20 additions & 4 deletions src/assets/data/events.json
Original file line number Diff line number Diff line change
@@ -1,11 +1,27 @@
{
"currentEvents": [
{
"id": 35,
"title": "CVE Artificial Intelligence Working Group (CVEAI WG) Meeting",
"location": "Virtual",
"description": "Focused on defining swim lanes for AI vulnerability disclosure within the CVE Program.",
"permission": "private",
"url": "/ProgramOrganization/WorkingGroups#CVEArtificialIntelligenceWorkingGroupCVEAIWG",
"date": {
"start": "2024-10-15",
"end": "2024-12-31",
"repeat": {
"day": "Monday",
"recurrence": "biweekly"
}
}
},
{
"id": 34,
"displayOnHomepageOrder": 1,
"title": "CVE Program Workshop – Autumn 2024",
"location": "Virtual",
"description": "A collaborative virtual community event of CVE Partners focused on improving CVE.<br/><br/>Event Time: 10:00 AM to 2:00 PM EDT both days.<br/><br/>Workshop “save the date” announcement, with expected topics and other details, sent to partners on September 19, 2024.",
"description": "A collaborative virtual community event of CVE Partners focused on improving CVE.<br/><br/>Event Time: 10:00 AM to 2:00 PM EDT both days.<br/><br/>Please refer to the CNA partners email announcements for agenda topics, deadlines, and other workshop details.",
"permission": "private",
"url": "",
"date": {
Expand Down Expand Up @@ -430,15 +446,15 @@
"id": 3,
"title": "CVE Outreach and Communications Working Group (OCWG) Meeting",
"location": "Virtual",
"description": "Promote the CVE Program to achieve program adoption and coverage goals through increased community awareness. Each calendar year there are six meetings held on a Monday (UTC-08:00) and six meetings held on a Wednesday (UTC-12:00).",
"description": "Promote the CVE Program to achieve program adoption and coverage goals through increased community awareness.",
"permission": "private",
"url": "/ProgramOrganization/WorkingGroups#OutreachandCommunicationsWorkingGroupOCWG",
"date": {
"start": "2024-01-01",
"end": "2024-12-31",
"repeat": {
"day": "Monday or Wednesday alternating every other month",
"recurrence": "monthly"
"day": "Friday",
"recurrence": "weekly"
}
}
},
Expand Down
2 changes: 1 addition & 1 deletion src/assets/data/faqs.json
Original file line number Diff line number Diff line change
Expand Up @@ -256,7 +256,7 @@
"questionText": "Are there CVE List data feeds",
"questionResponseParagraphs": [
"Yes, both internal and external feeds of CVE List content are available.",
"CVE Program:<ul><li><a href='https://twitter.com/CVEnew/' target='_blank'>Feed of newly published CVE Records</a> @CVEnew Twitter</li><li><a href='https://github.com/CVEProject/cvelistV5' target='_blank'>CVE List downloads (updated hourly)</a> cvelistV5 repository on GitHub</li></ul>",
"CVE Program:<ul><li><a href='https://x.com/CVEnew' target='_blank'>Feed of newly published CVE Records</a> @CVEnew on X</li><li><a href='https://github.com/CVEProject/cvelistV5' target='_blank'>CVE List downloads (updated hourly)</a> cvelistV5 repository on GitHub</li></ul>",
"External:<ul><li><a href='https://cassandra.cerias.purdue.edu/CVE_changes/' target='_blank'>CVE Change Logs</a> free tool from CERIAS/Purdue University that provides daily and monthly changes to CVE Records.</li></ul>"
]
},
Expand Down
4 changes: 4 additions & 0 deletions src/assets/data/navigation.json
Original file line number Diff line number Diff line change
Expand Up @@ -201,6 +201,10 @@
"anchorId": "CNAOrganizationOfPeersCOOP",
"label": "CNA Organization of Peers (COOP)"
},
"CVE Artificial Intelligence Working Group (CVEAI WG)": {
"anchorId": "CVEArtificialIntelligenceWorkingGroupCVEAIWG",
"label": "CVE Artificial Intelligence Working Group (CVEAI WG)"
},
"Outreach and Communications Working Group (OCWG)": {
"anchorId": "OutreachandCommunicationsWorkingGroupOCWG",
"label": "Outreach and Communications Working Group (OCWG)"
Expand Down
39 changes: 39 additions & 0 deletions src/assets/data/news.json
Original file line number Diff line number Diff line change
@@ -1,5 +1,43 @@
{
"currentNews": [
{
"id": 421,
"newsType": "news",
"title": "CVE Program Adds New “CVE Artificial Intelligence Working Group (CVEAI WG)”",
"urlKeywords": "New CVE Artificial Intelligence Working Group",
"date": "2024-10-15",
"description": [
{
"contentnewsType": "paragraph",
"content": "The CVE Program’s newest working group (WG), <a href='/ProgramOrganization/WorkingGroups#CVEArtificialIntelligenceWorkingGroupCVEAIWG'>CVE Artificial Intelligence</a> (CVEAI WG), is open to CVE community members such as <a href='/ProgramOrganization/CNAs'>CVE Numbering Authorities (CNAs)</a>, the <a href='/ProgramOrganization/Board'>CVE Board</a>, <a href='/ProgramOrganization/ADPs'>Authorized Data Publishers (ADPs)</a>, and participants from the <a href='/ResourcesSupport/Glossary?activeTerm=glossarySecretariat'>CVE Program Secretariat</a>; members of corporate vulnerability management programs and related standards, initiatives, and associations; and members of the AI community with expertise in AI and AI-related security concerns."
},
{
"contentnewsType": "paragraph",
"content": "The CVEAI WG will focus on: “determining what is a CVE-able vulnerability in AI technology. It is expected the CVEAI WG will produce documentation that defines how the CVE Program will address AI technologies moving forward. The CVEAI WG efforts are focused on defining swim lanes for AI vulnerability disclosure within CVE. This WG will discuss the concerns in defining what is within the responsibilities of the CVE Program. Because not all AI issues are appropriate for a CVE assignment, it will also try to define when other AI security-related initiatives are needed to address concerns outside the CVE Program.”"
},
{
"contentnewsType": "paragraph",
"content": "Read the <a href='/Resources/Roles/WorkingGroups/CVEAIWG/CVEAIWG-Charter.pdf' target='_blank'>CVEAI WG charter</a>."
}
]
},
{
"id": 420,
"newsType": "news",
"title": "Minutes from CVE Board Teleconference Meeting on October 2 Now Available",
"urlKeywords": "CVE Board Minutes from October 2",
"date": "2024-10-15",
"description": [
{
"contentnewsType": "paragraph",
"content": "The <a href='/ProgramOrganization/Board'>CVE Board</a> held a teleconference meeting on October 2, 2024. Read the <a href='https://cve.mitre.org/community/board/meeting_summaries/02_October_2024.pdf' target='_blank'>meeting minutes summary</a>."
},
{
"contentnewsType": "paragraph",
"content": "The CVE Board is the organization responsible for the strategic direction, governance, operational structure, policies, and rules of the CVE Program. The Board includes members from numerous cybersecurity-related organizations including commercial security tool vendors, academia, research institutions, government departments and agencies, and other prominent security experts, as well as end-users of vulnerability information."
}
]
},
{
"id": 419,
"newsType": "blog",
Expand Down Expand Up @@ -32,6 +70,7 @@
},
{
"id": 418,
"displayOnHomepageOrder": 0,
"newsType": "news",
"title": "Minutes from CVE Board Teleconference Meeting on September 18 Now Available",
"urlKeywords": "CVE Board Minutes from September 18",
Expand Down
4 changes: 2 additions & 2 deletions src/components/FooterModule.vue
Original file line number Diff line number Diff line change
Expand Up @@ -48,14 +48,14 @@
<font-awesome-icon :icon="['fab', 'medium']" aria-labelledby="mediumIcon" aria-hidden="false" focusable="false"/>
</span></a>
<div>
<a class="cve-social-media-icon-with-text" href="https://twitter.com/CVEnew/" target="_blank">
<a class="cve-social-media-icon-with-text" href="https://x.com/CVEnew" target="_blank">
<span class="icon">
<p id="x-twitterNewIcon" class="is-hidden">x-twitter icon for @CVEnew</p>
<font-awesome-icon :icon="['fab', 'x-twitter']" aria-labelledby="x-twitterNewIcon" aria-hidden="false" focusable="false"/>
</span>
New CVE Records
</a>
<a class="cve-social-media-icon-with-text" href="https://twitter.com/CVEannounce/" target="_blank">
<a class="cve-social-media-icon-with-text" href="https://x.com/CVEannounce" target="_blank">
<span class="icon">
<p id="x-twitterAnnounceIcon" class="is-hidden">x-twitter icon for @CVEannounce</p>
<font-awesome-icon :icon="['fab', 'x-twitter']" aria-labelledby="x-twitterAnnounceIcon" aria-hidden="false" focusable="false"/>
Expand Down
54 changes: 51 additions & 3 deletions src/views/ProgramOrganization/WorkingGroups.vue
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,9 @@
<ExternalLinkMessage/>
<p>
CVE Working Groups (WGs) actively focus on improving processes, workflows, and other aspects of the program as it continues to grow
and expand. There are seven main WGs: Automation (AWG), CNA Organization of Peers (COOP), Outreach and Communications (OCWG),
Quality (QWG), Strategic Planning (SPWG), Tactical (TWG), and Vulnerability Conference and Events (VCEWG).
and expand. There are eight main WGs: Automation (AWG), CNA Organization of Peers (COOP), CVE Artificial Intelligence (CVEAI WG),
Outreach and Communications (OCWG), Quality (QWG), Strategic Planning (SPWG), Tactical (TWG), and
Vulnerability Conference and Events (VCEWG).
</p>
<p>
Details about these WGs are found below including information on how to join, as well as links to documents, repositories,
Expand Down Expand Up @@ -136,6 +137,49 @@
</article>
</div>
</div>
<h2 :id="cvenavs['Program Organization']['submenu']['Working Groups']['items']['CVE Artificial Intelligence Working Group (CVEAI WG)']
['anchorId']"
class="title">
{{cvenavs['Program Organization']['submenu']['Working Groups']['items']['CVE Artificial Intelligence Working Group (CVEAI WG)']
['label']}}</h2>
<p>
The CVEAI WG is focused on defining swim lanes for AI vulnerability disclosure within CVE. This WG will discuss the concerns
in defining what is within the responsibilities of the CVE Program. Because not all AI issues are appropriate for a CVE assignment,
it will also try to define when other AI security-related initiatives are needed to address concerns outside the CVE Program.
</p>
<p>
<span class="has-text-weight-bold">Membership Eligibility:</span> Per the CVEAI WG Charter, “Any active CVE-authorized program
member may participate in the CVEAI. This includes Board members, CVE Numbering Authority (CNA) representatives,
Authorized Data Publishers (ADP), and participants from the Secretariat’s organization. This WG is also open to public membership,
including members of corporate vulnerability management programs, as well as VM related standards, initiatives and associations
and others. It is also open to members of the AI community with expertise in AI and AI related security concerns.”
</p>
<div class="tile is-ancestor cve-task-tiles-container">
<div class="tile is-parent cve-task-left-tile">
<article class="tile is-child cve-border-dark-blue">
<h3 class="title cve-task-tile-header">
Documents
</h3>
<ul class="tile-body cve-task-tile-list">
<li class="cve-task-tile-list-item">
<router-link to="/Resources/Roles/WorkingGroups/CVEAIWG/CVEAIWG-Charter.pdf" target="_blank">CVEAI WG Charter</router-link>
</li>
</ul>
</article>
</div>
<div class="tile is-parent">
<article class="tile is-child cve-border-dark-blue">
<h3 class="title cve-task-tile-header">
Repositories and Projects
</h3>
<ul class="tile-body cve-task-tile-list">
<li class="cve-task-tile-list-item">
TBA
</li>
</ul>
</article>
</div>
</div>
<h2 :id="cvenavs['Program Organization']['submenu']['Working Groups']['items']['Outreach and Communications Working Group (OCWG)']
['anchorId']" class="title">
{{cvenavs['Program Organization']['submenu']['Working Groups']['items']['Outreach and Communications Working Group (OCWG)']['label']}}
Expand Down Expand Up @@ -371,9 +415,13 @@
<td data-label="Working Group" style="width: 55%">CNA Organization of Peers (COOP)</td>
<td data-label="Meeting Time">Every other Wednesday 2:00pm ET</td>
</tr>
<tr>
<td data-label="Working Group" style="width: 55%">CVE Artificial Intelligence Working Group (CVEAI WG)</td>
<td data-label="Meeting Time">Every other Monday 1:00pm ET</td>
</tr>
<tr>
<td data-label="Working Group" style="width: 55%">Outreach and Communications Working Group (OCWG)</td>
<td data-label="Meeting Time">Every other month on Monday 4:00pm ET / Every other month on Wednesday 8:00am ET</td>
<td data-label="Meeting Time">Every Friday 9:00am ET</td>
</tr>
<tr>
<td data-label="Working Group" style="width: 55%">Quality Working Group (QWG)</td>
Expand Down
19 changes: 12 additions & 7 deletions src/views/ResourcesSupport/Resources.vue
Original file line number Diff line number Diff line change
Expand Up @@ -479,13 +479,18 @@
</a>
</li>
<li>
<router-link to="/Resources/Roles/WorkingGroups/SPWG/SPWG-Charter.pdf" target="_blank">
Strategic Planning Working Group (SPWG) Charter (PDF, 0.2MB)
<router-link to="/Resources/Roles/WorkingGroups/COOP/COOP-Charter.pdf" target="_blank">
CNA Organization of Peers (COOP) Charter (PDF, 0.1MB)
</router-link>
</li>
<li>
<router-link to="/Resources/Roles/WorkingGroups/COOP/COOP-Charter.pdf" target="_blank">
CNA Organization of Peers (COOP) Charter (PDF, 0.1MB)
<router-link to="/Resources/Roles/WorkingGroups/CVEAIWG/CVEAIWG-Charter.pdf" target="_blank">
CVE Artificial Intelligence Working Group (CVEAI WG) Charter (PDF, 0.1MB)
</router-link>
</li>
<li>
<router-link to="/Resources/Roles/WorkingGroups/OCWG/OCWG-Charter.pdf" target="_blank">
Outreach and Communications Working Group (OCWG) Charter (PDF, 0.1MB)
</router-link>
</li>
<li>
Expand All @@ -494,8 +499,8 @@
</a>
</li>
<li>
<router-link to="/Resources/Roles/WorkingGroups/OCWG/OCWG-Charter.pdf" target="_blank">
Outreach and Communications Working Group (OCWG) Charter (PDF, 0.1MB)
<router-link to="/Resources/Roles/WorkingGroups/SPWG/SPWG-Charter.pdf" target="_blank">
Strategic Planning Working Group (SPWG) Charter (PDF, 0.2MB)
</router-link>
</li>
<li>
Expand Down Expand Up @@ -606,7 +611,7 @@
</h3>
<p class="mb-0 ml-4 has-text-weight-bold">Feed of newly published CVE Records:</p>
<ul class="mt-0 mb-0 tile-body cve-task-tile-list">
<li><a href="https://twitter.com/CVEnew/" target="_blank">@CVEnew Twitter</a></li>
<li><a href="https://x.com/CVEnew" target="_blank">@CVEnew on X</a></li>
<li><a href='https://github.com/CVEProject/cvelistV5' target='_blank'>CVE List downloads (updated hourly)</a>
cvelistV5 repository on GitHub</li>
</ul>
Expand Down

0 comments on commit 4c1be22

Please sign in to comment.