What is the glibc CNA?
glibc is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 13 CVE records since 2024.
How many CVEs has glibc published?
glibc has published 13 CVE records, including 13 in the last two years.
What is glibc's CVE data quality grade?
RadicalNotion.AI grades glibc's CVE data quality as C, with an overall completeness score of 76.9%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (7.7%), and CWE (100%) information.
What products does glibc publish CVEs for?
glibc most frequently publishes CVEs for glibc, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, debian linux.
Which vendors does glibc cover?
glibc publishes CVEs across 2 distinct vendors, most often The GNU C Library, gnu, Siemens, bminor, debian.
Is glibc actively publishing CVEs?
glibc is currently active, based on 13 CVEs in the last two years.
What is the average severity of glibc's CVEs?
The average CVSS base score across glibc's scored CVEs is 5.9.
How many critical CVEs has glibc published?
glibc has published 1 critical-severity CVEs and 12 high-severity CVEs.
Are any of glibc's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of glibc's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in glibc's CVEs?
glibc's CVEs most often map to these CWE weakness types: CWE-908 (Use of Uninitialized Resource), CWE-617 (Reachable Assertion), CWE-665 (Improper Initialization), CWE-787 (Out-of-bounds Write).
How does glibc rank among CNAs?
By total CVE volume, glibc ranks #278 of 370 CNAs, and it reports more complete CVE records than 27% of all CNAs.
