What is the eclipse CNA?
eclipse is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 192 CVE records since 2017.
How many CVEs has eclipse published?
eclipse has published 192 CVE records, including 77 in the last two years.
What is eclipse's CVE data quality grade?
RadicalNotion.AI grades eclipse's CVE data quality as B, with an overall completeness score of 87.5%. This reflects how consistently its CVE records include vendor (99.5%), product (99.5%), CVSS (53.1%), and CWE (97.9%) information.
What products does eclipse publish CVEs for?
eclipse most frequently publishes CVEs for Jetty, Eclipse Jetty, jetty.project, Mosquitto, OpenJ9.
Which vendors does eclipse cover?
eclipse publishes CVEs across 9 distinct vendors, most often Eclipse, The Eclipse Foundation, Eclipse Foundation, org.eclipse.jetty, eclipse-threadx.
Is eclipse actively publishing CVEs?
eclipse is currently active, based on 77 CVEs in the last two years.
What is the average severity of eclipse's CVEs?
The average CVSS base score across eclipse's scored CVEs is 6.2.
How many critical CVEs has eclipse published?
eclipse has published 10 critical-severity CVEs and 34 high-severity CVEs.
Are any of eclipse's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of eclipse's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in eclipse's CVEs?
eclipse's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-20 (Improper Input Validation), CWE-125 (Out-of-bounds Read), CWE-400 (Uncontrolled Resource Consumption).
How does eclipse rank among CNAs?
By total CVE volume, eclipse ranks #86 of 370 CNAs, and it reports more complete CVE records than 34% of all CNAs.
