- What is the debian CNA?
- debian is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 642 CVE records since 2005.
- How many CVEs has debian published?
- debian has published 642 CVE records, including 9 in the last two years.
- What is debian's CVE data quality grade?
- RadicalNotion.AI grades debian's CVE data quality as F, with an overall completeness score of 8.6%. This reflects how consistently its CVE records include vendor (11.8%), product (20.7%), CVSS (0%), and CWE (2%) information.
- What products does debian publish CVEs for?
- debian most frequently publishes CVEs for debian linux, ubuntu linux, ImageMagick, fedora, leap.
- Which vendors does debian cover?
- debian publishes CVEs across 34 distinct vendors, most often Debian, canonical, openSUSE, ImageMagick, fedoraproject.
- Is debian actively publishing CVEs?
- debian is currently active, based on 9 CVEs in the last two years.
- How many critical CVEs has debian published?
- debian has published 93 critical-severity CVEs and 225 high-severity CVEs.
- Are any of debian's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- Yes. 3 of debian's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
- What are the most common weakness types in debian's CVEs?
- debian's CVEs most often map to these CWE weakness types: CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')), CWE-862 (Missing Authorization), CWE-59 (Improper Link Resolution Before File Access ('Link Following')).
- How does debian rank among CNAs?
- By total CVE volume, debian ranks #48 of 370 CNAs, and it reports more complete CVE records than 1% of all CNAs.