What is the BlackDuck CNA?
BlackDuck is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 11 CVE records since 2024.
How many CVEs has BlackDuck published?
BlackDuck has published 11 CVE records, including 11 in the last two years.
What is BlackDuck's CVE data quality grade?
RadicalNotion.AI grades BlackDuck's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
What products does BlackDuck publish CVEs for?
BlackDuck most frequently publishes CVEs for LogicalDOC Enterprise, LogicalDOC Community, logicaldoc, Coverity, Black Duck SCA.
Which vendors does BlackDuck cover?
BlackDuck publishes CVEs across 3 distinct vendors, most often LogicalDOC, Black Duck, LightFTP.
Is BlackDuck actively publishing CVEs?
BlackDuck is currently active, based on 11 CVEs in the last two years.
What is the average severity of BlackDuck's CVEs?
The average CVSS base score across BlackDuck's scored CVEs is 7.8.
How many critical CVEs has BlackDuck published?
BlackDuck has published 2 critical-severity CVEs and 8 high-severity CVEs.
Are any of BlackDuck's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of BlackDuck's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in BlackDuck's CVEs?
BlackDuck's CVEs most often map to these CWE weakness types: CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-23 (Relative Path Traversal), CWE-94 (Improper Control of Generation of Code ('Code Injection')).
How does BlackDuck rank among CNAs?
By total CVE volume, BlackDuck ranks #297 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.
