DWF Open Source Request Form v2
This is the simple request form for a single CVE in an Open Source product or software for an issue that is public. For closed source and other CNA's please check with Mitre at https://cve.mitre.org/cve/cna.html or email them at cve-assign@mitre.org. If you need more than one CVE either fill this form out multiple times, or shove everything into the "Additional Information" field. If you need an embargoed CVE this is NOT the form to use.
Requestor email address:
Your contact email address:
Your answer
Product name:
Product Name - please use the full name the vendor/project uses (so we can search for it if need be)
Your answer
Vendor or project name:
Name of project vendor/owner (if it exists) - needed if the project name isn't unique/well known
Your answer
Version affected:
Please put an affected version (e.g. 1.2.3) or range (e.g. 1.2.3 and older)
Your answer
Version fixed (if known):
If you know the fixed version please put it here, this is not mandatory as CVE's can be assigned to issues that have not been fixed yet
Your answer
Affected component (if known):
Affected function name, line of code, functionality (e.g. image upload)
Your answer
Has the project confirmed or acknowledged the vulnerability?
Has the upstream project been contacted and replied yet
Vulnerability type (if unknown use "other" and explain):
Vulnerability type if other:
Your answer
Impact of issue (select more than one if needed):
Impact of issue if other:
Your answer
Attack vector / exploitation:
If known please provide information on how this issue is exploited or what the attack vector is
Your answer
Suggested Description of issue for CVE database:
Example format: [Vendor name] [product name] version [version info] is vulnerable to a [single flaw type] in the [component] resulting [some impact].
Your answer
Short title of issue:
If the description is very long please provide a short title such as "Buffer overflow in Foo version 1.2"
Your answer
Additional notes / original advisory:
Please add any additional notes, the original advisory or other additional information if available:
Your answer
Reference URLs (must be public, e.g. no login required):
Your answer
Person/People/Organization that helped discover or process this vulnerability:
Your answer
Never submit passwords through Google Forms.
This form was created inside of Seifried. Report Abuse - Terms of Service - Additional Terms