The Distributed Weakness Filing (DWF) Project is the first federated CVE Number Authority (CNA). The DWF will initially deal with assigning CVEs for Open Source software (as defined by OSI approved Open Source licenses https://opensource.org/licenses and similar licenses). The DWF will assign CVEs for valid security vulnerabilities using the same or very similar processes as Mitre and other CVE Numbering Authorities currently use.
We are currently deciding on process for this, in the mean time you can submit an issue via the form at https://iwantacve.org/
The first step is to contact us, email is good (see our contact info), or file an issue. To get involved with the DWF you MUST accept the Contributor Covenant.
If you are assigning CVEs on behalf of the DWF please consult the CVE Assignment HOWTO.
We are currently deciding on process for this, in the mean time you can file an issue against the DWF DNA Registry, or email [email protected] so we don't lose track of your CNA request.