OpenAtom Foundation has officially announced that it has been granted Common Vulnerabilities and Exposures (CVE) disclosure clearance. Finally, OpenHarmony will have the chance to release its software details and system exploits.
According to the latest information, the OpenAtom Foundation recently participated in the Common Vulnerability Disclosure Numbering Authority (CNA) program. Therefore, the organization has given the foundation the honor of becoming the numbering authority.
OpenHarmony is an open-source project managed and operated by the OpenAtom Foundation. The main goal of this project is to create an open source distributed operating system framework for smart devices. So far, the respective project has several rights. However, it remains stagnant since the discovery and publication of the vulnerabilities and exposures of its systems.
At present, the company has qualified for the CVE General Vulnerability Disclosure issuance. This means that the OpenHarmony system now has full rights to define the details of its software and identify exploits and security threats, if any.
How does CVE disclosure work?
Generally, the CVE authority, established in September 1999, is a global non-profit institution. The institute has various IT vendors, security companies and security research centers around the world. Together, these cooperations contribute to the delivery and management of the software details of a particular system.
Apart from these cooperations, some specific actors help to find the vulnerability of the system. These people identify software threats with a unique CVE code. This code helps operators trace problems and find a definitive solution. Subsequently, the company releases the patches based on these threats.
Since OpenHarmony became the CVE numbering authority, the company is free to manage and manage CVE numbers related to the OpenHarmony community. On the other hand, it is now responsible for attributing and describing errors in the authorization.
You can better understand OpenHarmony’s vulnerability policy, HERE.
(Source)