Merge pull request #2610 from CVEProject/dev

update test with dev

package.json

@@ -1,6 +1,8 @@
 {
   "name": "cve-website",
-  "version": "0.0.0",
+  "description": "Common Vulnerabilities and Exposures (CVE) Website",
+  "version": "0.1.0",
+  "author": "Automation Working Group",
   "private": true,
   "type": "module",
   "scripts": {

src/assets/data/CNAsList.json

@@ -5145,7 +5145,7 @@
     "shortName": "microsoft",
     "cnaID": "CNA-2005-0005",
     "organizationName": "Microsoft Corporation",
-    "scope": "Microsoft issues only",
+    "scope": "Microsoft issues only, excluding end-of-life (EOL) as listed in the <a href='https://learn.microsoft.com/en-US/lifecycle/' target='_blank'>Microsoft Lifecycle Policy</a>",
     "contact": [
       {
         "email": [
@@ -6660,7 +6660,7 @@
     "shortName": "Patchstack",
     "cnaID": "CNA-2021-0025",
     "organizationName": "Patchstack",
-    "scope": "Vulnerabilities in third-party PHP products discovered by Patchstack and Patchstack Red Team",
+    "scope": "Vulnerabilities in third-party products discovered by Patchstack and Patchstack Bug Bounty program unless covered by the scope of another CNA",
     "contact": [
       {
         "email": [
@@ -17537,7 +17537,7 @@
         "email": [
           {
             "label": "Email",
-            "emailAddr": "PSIRT@crowdstrike.com"
+            "emailAddr": "bugs@crowdstrike.com"
           }
         ],
         "contact": [],
@@ -20916,5 +20916,118 @@
       ]
     },
     "country": "Canada"
+  },
+  {
+    "shortName": "directcyber",
+    "cnaID": "CNA-2024-0018",
+    "organizationName": "DirectCyber",
+    "scope": "Products in Australia (either the reporter or the target vendor must operate in AU), which are not covered by another CNA",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "[email protected]"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://directcyber.com.au/report.html"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://directcyber.com.au/advisory.html"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "n/a",
+        "organizationName": "n/a"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Researcher",
+        "Open Source"
+      ]
+    },
+    "country": "Australia"
+  },
+  {
+    "shortName": "sec1",
+    "cnaID": "CNA-2024-0019",
+    "organizationName": "Sec1",
+    "scope": "Vulnerabilities found in cybersecurity software solutions developed and maintained by Sec1 as listed on <a href='https://sec1.io/' target='_blank'>https://sec1.io/</a>, and vulnerabilities identified in software projects or products where Sec1 has a direct and substantial contribution or partnership, unless covered by the scope of another CNA",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "[email protected]"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://sec1.io/sec1-public-disclosure-policy-for-cve-reporting/"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://sec1.io/sec1-security-advisories/"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "n/a",
+        "organizationName": "n/a"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "India"
   }
 ]

src/assets/data/NotificationBanner.json

@@ -1,8 +1,36 @@
 {
   "shouldDisplay":true,
-  "publishCount": 5,
+  "publishCount": 6,
   "collapsed": false,
   "notificationContents": [
+
+
+    {
+      "contentType": "paragraph", 
+      "content": "<b>NOTICE &mdash;</b>"
+    },
+
+    {
+      "contentType": "paragraph", 
+      "content": "The CVE Request Web Forms service at "
+    },
+
+    {
+      "contentType": "externalLink", 
+      "link": "https://cveform.mitre.org/",
+      "linkText": "https://cveform.mitre.org/"
+    },  
+
+    {
+      "contentType": "paragraph", 
+      "content": " is partially degraded. Responses to requests submitted via the forms may experience delays. We apologize for any inconvenience and will update this message once service is restored."
+    },
+
+    {
+      "contentType": "paragraph", 
+      "content": "<br/><br/>"
+    },
+
     {
       "contentType": "paragraph",
       "content": "<b>Welcome to the new CVE Beta website!</b> "

src/assets/data/metrics.json

@@ -1094,7 +1094,7 @@
         },
         {
           "month": "March",
-          "value": "TBA"
+          "value": "2"
         },
         {
           "month": "April",

src/assets/data/news.json

@@ -1,5 +1,141 @@
 {
   "currentNews": [
+    {
+      "id": 325,
+      "newsType": "news",
+      "title": "Sec1 Added as CVE Numbering Authority (CNA)",
+      "urlKeywords": "Sec1 Added as CNA",
+      "date": "2024-03-05",
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='/PartnerInformation/ListofPartners/partner/sec1'>Sec1</a> is now a <a href=' /ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for vulnerabilities found in cybersecurity software solutions developed and maintained by Sec1 as listed on <a href='https://sec1.io/' target='_blank'>https://sec1.io/</a>, and vulnerabilities identified in software projects or products where Sec1 has a direct and substantial contribution or partnership, unless covered by the scope of another CNA."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "To date, <a href='/PartnerInformation/ListofPartners'>364 CNAs</a> (362 CNAs and 2 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>40 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Sec1 is the 8th CNA from India."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Sec1’s Root is the <a href='/PartnerInformation/ListofPartners/partner/mitre'>MITRE Top-Level Root</a>."
+        }
+      ]
+    },
+    {
+      "id": 324,
+      "newsType": "news",
+      "title": "DirectCyber Added as CVE Numbering Authority (CNA)",
+      "urlKeywords": "DirectCyber Added as CNA",
+      "date": "2024-03-05",
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='/PartnerInformation/ListofPartners/partner/directcyber'>DirectCyber</a> is now a <a href=' /ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for products in Australia (either the reporter or the target vendor must operate in AU), which are not covered by another CNA."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "To date, <a href='/PartnerInformation/ListofPartners'>363 CNAs</a> (361 CNAs and 2 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>40 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. DirectCyber is the 5th CNA from Australia."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "DirectCyber’s Root is the <a href='/PartnerInformation/ListofPartners/partner/mitre'>MITRE Top-Level Root</a>."
+        }
+      ]
+    },
+    {
+      "id": 322,
+      "newsType": "blog",
+      "title": "<i>CVE/FIRST VulnCon 2024</i> Registration Closing on March 11, 2024",
+      "urlKeywords": "VulnCon 2024 Registration Closes March 11 2024",
+      "date": "2024-03-05",
+      "author": {
+        "name": "CVE Program",
+        "organization": {
+          "name": "CVE Program",
+          "url": ""
+        },
+        "title": "",
+        "bio": ""
+      },
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "Registration will close on <strong>March 11, 2024, at 11:59 UTC</strong>, for “<a href='https://www.first.org/conference/vulncon2024/' target='_blank'>CVE Program/FIRST VulnCon 2024</a>,” being held at the McKimmon Center in Raleigh, North Carolina, USA, on March 25-27, 2024. View the <a href='https://www.first.org/conference/vulncon2024/program'>full agenda</a> now or <a href='https://events.first.org/profile/16208' target='_blank'>register today</a> on the conference website.<br/><br/> <a href='/PartnerInformation/ListofPartners'>CVE Numbering Authorities (CNAs)</a> &mdash; VulnCon 2024 takes the place of this year’s Spring CVE Global Summit."
+        },
+        {
+          "contentnewsType": "image",
+          "imageWidth": "",
+          "href": "/news/VulnCon2024.png",
+          "altText": "CVE/FIRST VulnCon 2024",
+          "captionText": "<a href='https://www.first.org/conference/vulncon2024/' target='_blank'>CVE/FIRST VulnCon 2024</a>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<h3>Registration</h3>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='https://events.first.org/profile/16208' target='_blank'>In-person and virtual</a> registration are open until <strong>March 11, 2024, at 11:59 UTC</strong>, on this <a href='https://events.first.org/profile/16208' target='_blank'>FIRST web page</a>. Please note that discounted rates are not being offered for this event regardless of membership or speaking status. Register now using FIRST’s <a href='https://events.first.org/profile/16208' target='_blank'>Event Registration Form</a>."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<ul><li><strong>Standard Admission:</strong> US $250.00</li><li><strong>Virtual Admission:</strong> US $100.00</li></ul>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Registration fees for standard admission include three days of coffee breaks and buffet lunches, one networking reception, and applicable meeting materials."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Additional Details: <ul><li><strong>In-Person Registration</strong> &ndash; Located in the main lobby of the McKimmon Conference and Training Center (see venue section below). Please have a copy of your ID or registration confirmation readily available to assist with badge collection. Registration will open at 07:30 all three days.</li><li><strong>Virtual Attendance</strong> &ndash; All presentations will be TLP:CLEAR and streamed for those interested in virtual participation. Virtual registration is available within the registration form. Streaming will be delivered over Zoom.</li></ul>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Venue:"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='https://facilities.ofa.ncsu.edu/building/mck/' target='_blank'>McKimmon Center</a><br/>North Carolina State University<br/>1101 Gorman St.<br/>Raleigh, North Carolina 27606<br/>USA"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<h3>About VulnCon 2024</h3>"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "The purpose of VulnCon &mdash; which is open to the public &mdash; is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken back to individual programs for action to benefit the vulnerability management ecosystem. A key goal of the conference is to understand what important stakeholders and programs are doing within the vulnerability management ecosystem and best determine how to benefit the ecosystem broadly."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "<h4>Learn More</h4"
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "For most up-to-date information, visit the <a href='https://www.first.org/conference/vulncon2024/' target='_blank'>CVE/FIRST VulnCon 2024</a> conference page hosted on the FIRST website."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "We look forward to seeing you at this first-ever community event!</a>"
+        }
+      ]
+    },
+    {
+      "id": 321,
+      "newsType": "news",
+      "title": "Minutes from CVE Board Teleconference Meeting on February 7 Now Available",
+      "urlKeywords": "CVE Board Minutes from February 7",
+      "date": "2024-03-05",
+      "description": [
+        {
+          "contentnewsType": "paragraph", 
+          "content": "The <a href='/ProgramOrganization/Board'>CVE Board</a> held a teleconference meeting on February 7, 2024. Read the <a href='https://cve.mitre.org/community/board/meeting_summaries/07_February_2024.pdf' target='_blank'>meeting minutes summary</a>."
+        },
+        {
+          "contentnewsType": "paragraph", 
+          "content": "The CVE Board is the organization responsible for the strategic direction, governance, operational structure, policies, and rules of the CVE Program. The Board includes members from numerous cybersecurity-related organizations including commercial security tool vendors, academia, research institutions, government departments and agencies, and other prominent security experts, as well as end-users of vulnerability information."
+        }
+      ]
+    },
     {
       "id": 320,
       "newsType": "blog",

src/assets/style/globals.scss

@@ -87,7 +87,7 @@ section.hero:first-of-type{
 }
 
 .cve-button-outline {
-  background-color: white;
+  background-color: white !important;
 }
 
 .cve-button-accent-warm {

src/views/About/Metrics.vue

@@ -33,8 +33,10 @@
               <div class="cve-scrollx-table-container">
                 <table class="table is-striped is-hoverable cve-border-dark-blue">
                   <thead>
-                    <th>Year</th>
-                    <th v-for="year in publishedCveRecords.years" :key="year">{{year}}</th>
+                    <tr>
+                      <th>Year</th>
+                      <th v-for="year in publishedCveRecords.years" :key="year">{{year}}</th>
+                    </tr>
                   </thead>
                   <tbody>
                     <tr v-for="quarter in ['4', '3', '2', '1']" :key="`published-${quarter}`">
@@ -75,8 +77,10 @@
               <div class="cve-scrollx-table-container">
                 <table class="table is-striped is-hoverable cve-border-dark-blue">
                   <thead>
-                    <th>Year</th>
-                    <th v-for="year in reservedIds.years" :key="year">{{year}}</th>
+                    <tr>
+                      <th>Year</th>
+                      <th v-for="year in reservedIds.years" :key="year">{{year}}</th>
+                    </tr>
                   </thead>
                   <tbody>
                     <tr>