Impact of the bugs in OpenSSL are so significant, that they always end up in to the news.
BearSSL is still a quite little project compared to it, and because of that no CVE:s are being made if the author finds a bug by themself from his own code.
On the other hand, every bug in OpenSSL gets CVE mark and will end up into the news.
It gives distorted view and comparison of the software quality between many projects.
On the other hand, every bug in OpenSSL gets CVE mark and will end up into the news. It gives distorted view and comparison of the software quality between many projects.