On June 24, Huawei openEuler became a CVE number distribution organization through the CNA access process.
Common Vulnerabilities & Exposures (CVE) is one of the most well-known vulnerability disclosure repositories in the security industry, which contains information on various types of vulnerabilities with corresponding severity ratings.
Each vulnerability in a CVE has a unique CVE number, which can be used to quickly find the scope of the vulnerability and patch information in a vulnerability database or security tool.
The CNA (CVE Numbering Authority) is the organization that distributes CVE numbers and is comprised of vendors, the open source project community, vulnerability researchers, and the National Computer Security Emergency Response Team.
Its primary function is to distribute and manage CVE numbers within the scope of its mandate.
There are currently 129 organizational members from 21 countries, including Adobe, Apple, Apache, Eclipse Foundation, Google, Kubernetes, and PHP Group.
Chinese members include Alibaba, Huawei, Lenovo, OPPO, Qihoo 360, Vivo, Xiaomi, and ZTE.
The addition of openEuler to the CNA means that it is qualified to distribute and manage CVE numbers for the openEuler community and can better respond to security concerns.