What is the AMZN CNA?
AMZN is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 52 CVE records since 2024.
How many CVEs has AMZN published?
AMZN has published 52 CVE records, including 52 in the last two years.
What is AMZN's CVE data quality grade?
RadicalNotion.AI grades AMZN's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
What products does AMZN publish CVEs for?
AMZN most frequently publishes CVEs for FreeRTOS-Plus-TCP, tough, athena odbc, linux kernel, Amazon Athena ODBC driver.
Which vendors does AMZN cover?
AMZN publishes CVEs across 3 distinct vendors, most often AWS, Amazon, pip, linux, rust.
Is AMZN actively publishing CVEs?
AMZN is currently active, based on 52 CVEs in the last two years.
What is the average severity of AMZN's CVEs?
The average CVSS base score across AMZN's scored CVEs is 6.9.
How many critical CVEs has AMZN published?
AMZN has published 10 critical-severity CVEs and 52 high-severity CVEs.
Are any of AMZN's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of AMZN's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in AMZN's CVEs?
AMZN's CVEs most often map to these CWE weakness types: CWE-295 (Improper Certificate Validation), CWE-327 (Use of a Broken or Risky Cryptographic Algorithm), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-787 (Out-of-bounds Write).
How does AMZN rank among CNAs?
By total CVE volume, AMZN ranks #162 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.
