Skip to content

Amended CNA for OSS guide to mention CISA ADP #166

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Amended CNA for OSS guide to mention CISA ADP #166

wants to merge 1 commit into from

Conversation

alilleybrinker
Copy link

The current version of the FAQ for the guide for OSS projects to become CNAs says only that NVD will issue CVSS scores for CVEs, and doesn't mention CISA's role as an ADP.

This commit amends the language to both indicate that CISA ADP will enrich with CVSS scores, and that if you provide a CVSS score yourself then CISA will not issue one.

https://www.cve.org/Media/News/item/blog/2024/06/04/CISA-Added-as-CVE-Authorized-Data-Publisher

@alilleybrinker
Amended CNA for OSS guide to mention CISA ADP
85ca929 
The current version of the FAQ for the guide for OSS projects to become CNAs says only that NVD will issue CVSS scores for CVEs, and doesn't mention CISA's role as an ADP.

This commit amends the language to both indicate that CISA ADP will enrich with CVSS scores, and that if you provide a CVSS score yourself then CISA will not issue one.

https://www.cve.org/Media/News/item/blog/2024/06/04/CISA-Added-as-CVE-Authorized-Data-Publisher

Signed-off-by: Andrew Lilley Brinker <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@alilleybrinker