Opera becomes part of the CNA program
Usually, Friday the 13th is considered to be an unlucky day. However, this is not the case for Opera, as we have great news, especially for security researchers and all security-minded Opera fans.
We are proud to announce that Opera has successfully become a member of the CVE Numbering Authority (CNA) program. The CNA program, started by MITRE almost 20 years ago, is a network of organizations who identify and report vulnerabilities in cybersecurity.
MITRE is a non-profit organization which is, as stated in their mission, “dedicated to solving problems for a safer world.” As you can read on MITRE’s website:
CVE Numbering Authorities (CNAs) are organizations from around the world that are authorized to assign CVE IDs to vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. These CVE IDs are provided to researchers, vulnerability disclosers, and information technology vendors.
How it works
The CVE model was originally proposed in 1999. Since that time, the concept grew from a whitepaper report to the current CNA Program which contains numerous organizations from around the world.
The Common Vulnerabilities and Exposures (CVE) list is built thanks to the effort of CNAs. Also, every single CVE Entry added to the list is assigned and approved by a specific CNA. Now, Opera is also part of this important initiative, joining other major browsers and IT companies – see the full list of participating CNAs.
What this means for Opera
Opera can now autonomously assign CVE identifiers for our products. This is especially important information for any researcher who finds a vulnerability in our product and wants to have a CVE assigned to it. Please remember that you can report security issues as well as contact us. Furthermore, all the CVE are presented on our Security Advisories page.
As a company, Opera is constantly working on improving the security of our projects and users. Becoming a part of the CNA Program will help us continue our dedicated work, especially in vulnerability management. Being a CNA gives us new opportunities to make a difference, though we keep in mind that with great power comes great responsibility. Thank you MITRE!