- What is the duo CNA?
- duo is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 6 CVE records since 2017.
- How many CVEs has duo published?
- duo has published 6 CVE records, including 0 in the last two years.
- What is duo's CVE data quality grade?
- RadicalNotion.AI grades duo's CVE data quality as B, with an overall completeness score of 83.3%. This reflects how consistently its CVE records include vendor (83.3%), product (83.3%), CVSS (83.3%), and CWE (83.3%) information.
- What products does duo publish CVEs for?
- duo most frequently publishes CVEs for debian linux, Duo Network Gateway, omniauth saml, omniauth-saml, OmnitAuth-SAML.
- Which vendors does duo cover?
- duo publishes CVEs across 4 distinct vendors, most often OneLogin, Clever, debian, Duo Security, jpadilla.
- Is duo actively publishing CVEs?
- duo is currently inactive (has not published recently), based on 0 CVEs in the last two years.
- What is the average severity of duo's CVEs?
- The average CVSS base score across duo's scored CVEs is 7.7.
- How many critical CVEs has duo published?
- duo has published 4 critical-severity CVEs and 2 high-severity CVEs.
- Are any of duo's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- No. None of duo's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- What are the most common weakness types in duo's CVEs?
- duo's CVEs most often map to these CWE weakness types: CWE-287 (Improper Authentication).
- How does duo rank among CNAs?
- By total CVE volume, duo ranks #343 of 370 CNAs, and it reports more complete CVE records than 31% of all CNAs.