What is the GRAFANA CNA?
GRAFANA is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 43 CVE records since 2023.
How many CVEs has GRAFANA published?
GRAFANA has published 43 CVE records, including 32 in the last two years.
What is GRAFANA's CVE data quality grade?
RadicalNotion.AI grades GRAFANA's CVE data quality as A, with an overall completeness score of 99.4%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (97.7%) information.
What products does GRAFANA publish CVEs for?
GRAFANA most frequently publishes CVEs for Grafana, github.com/grafana/grafana, Grafana OSS, Grafana Enterprise, grafana/grafana-enterprise.
Which vendors does GRAFANA cover?
GRAFANA publishes CVEs across 4 distinct vendors, most often Grafana, Bitnami, Grafana Labs, microsoft, alexanderzobnin.
Is GRAFANA actively publishing CVEs?
GRAFANA is currently active, based on 32 CVEs in the last two years.
What is the average severity of GRAFANA's CVEs?
The average CVSS base score across GRAFANA's scored CVEs is 6.2.
How many critical CVEs has GRAFANA published?
GRAFANA has published 7 critical-severity CVEs and 18 high-severity CVEs.
Are any of GRAFANA's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of GRAFANA's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in GRAFANA's CVEs?
GRAFANA's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-284 (Improper Access Control), CWE-400 (Uncontrolled Resource Consumption), CWE-863 (Incorrect Authorization).
How does GRAFANA rank among CNAs?
By total CVE volume, GRAFANA ranks #183 of 370 CNAs, and it reports more complete CVE records than 56% of all CNAs.
