Public CNA Registry
This project is run by an anonymous group of security researchers and depends on community involvement/agreement in order to function properly.
The goal of this project is to allow well known security researchers and security teams to assign CVE issues to security vulnerabilities with minimal over head.
The process for this is simple:
-
Each researcher/team is assigned a block of 1000 CVEs, this block is constant from year to year, for example a team may be granted CVE-YEAR-34000 to CVE-YEAR-34999.
-
Researchers or teams that wish to register simply need to send a pull request with: the entity name, contact email address and a URL for where security advisories with the CVEs will be published.
-
In the event of a duplicate CVE a preference will be given to the CVE publicly assigned and published first except in the case where Mitre assigns a CVE for an issue then the Mitre CVE will have preference.
-
If the researcher has any questions or concerns they can contact us for help at distributedweaknessfiling@gmail.com