GitHub_M CNA: CVE Report Card & Published CVEs

How complete and consistent GitHub_M's CVE records are, scored across vendor, product, CVSS, and CWE coverage.

Frequently asked questions

Common questions about the GitHub_M CNA.

What is the GitHub_M CNA?

GitHub_M is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 10,605 CVE records since 2019.

How many CVEs has GitHub_M published?

GitHub_M has published 10,605 CVE records, including 5,734 in the last two years.

What is GitHub_M's CVE data quality grade?

RadicalNotion.AI grades GitHub_M's CVE data quality as A, with an overall completeness score of 99.8%. This reflects how consistently its CVE records include vendor (99.7%), product (99.7%), CVSS (99.9%), and CWE (99.9%) information.

What products does GitHub_M publish CVEs for?

GitHub_M most frequently publishes CVEs for TensorFlow, tensorflow-cpu, tensorflow-gpu, fedora, debian linux.

Which vendors does GitHub_M cover?

GitHub_M publishes CVEs across 2,411 distinct vendors, most often pip, npm, Bitnami, composer, PyPI.

Is GitHub_M actively publishing CVEs?

GitHub_M is currently active, based on 5,734 CVEs in the last two years.

What is the average severity of GitHub_M's CVEs?

The average CVSS base score across GitHub_M's scored CVEs is 6.7.

How many critical CVEs has GitHub_M published?

GitHub_M has published 1,787 critical-severity CVEs and 5,852 high-severity CVEs.

Are any of GitHub_M's CVEs in CISA's Known Exploited Vulnerabilities catalog?

Yes. 34 of GitHub_M's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.

What are the most common weakness types in GitHub_M's CVEs?

GitHub_M's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')).

How does GitHub_M rank among CNAs?

By total CVE volume, GitHub_M ranks #6 of 370 CNAs, and it reports more complete CVE records than 58% of all CNAs.

GitHub_M

Overview

Data quality report card

What these scores mean

Severity and exploitation

Common weakness types

Publishing activity by year

Top vendors

Top products

Latest CVEs

Other CNAs