What is the apple CNA?
apple is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 6,550 CVE records since 2010.
How many CVEs has apple published?
apple has published 6,550 CVE records, including 1,256 in the last two years.
What is apple's CVE data quality grade?
RadicalNotion.AI grades apple's CVE data quality as F, with an overall completeness score of 33.1%. This reflects how consistently its CVE records include vendor (52.9%), product (55.8%), CVSS (0%), and CWE (23.7%) information.
What products does apple publish CVEs for?
apple most frequently publishes CVEs for iphone os, macOS, mac os x, tvOS, iPadOS.
Which vendors does apple cover?
apple publishes CVEs across 10 distinct vendors, most often Apple, microsoft, webkitgtk, canonical, debian.
Is apple actively publishing CVEs?
apple is currently active, based on 1,256 CVEs in the last two years.
What is the average severity of apple's CVEs?
The average CVSS base score across apple's scored CVEs is 6.3.
How many critical CVEs has apple published?
apple has published 166 critical-severity CVEs and 747 high-severity CVEs.
Are any of apple's CVEs in CISA's Known Exploited Vulnerabilities catalog?
Yes. 93 of apple's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
What are the most common weakness types in apple's CVEs?
apple's CVEs most often map to these CWE weakness types: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-284 (Improper Access Control), CWE-787 (Out-of-bounds Write), CWE-125 (Out-of-bounds Read).
How does apple rank among CNAs?
By total CVE volume, apple ranks #12 of 370 CNAs, and it reports more complete CVE records than 2% of all CNAs.
