- What is the kubernetes CNA?
- kubernetes is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 97 CVE records since 2017.
- How many CVEs has kubernetes published?
- kubernetes has published 97 CVE records, including 27 in the last two years.
- What is kubernetes's CVE data quality grade?
- RadicalNotion.AI grades kubernetes's CVE data quality as A, with an overall completeness score of 97.7%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (97.9%), and CWE (92.8%) information.
- What products does kubernetes publish CVEs for?
- kubernetes most frequently publishes CVEs for Kubernetes, k8s.io/kubernetes, ingress-nginx, k8s.io/ingress-nginx, openshift container platform.
- Which vendors does kubernetes cover?
- kubernetes publishes CVEs across 2 distinct vendors, most often Kubernetes, k8s.io, kubernetes-sigs, Red Hat, fedoraproject.
- Is kubernetes actively publishing CVEs?
- kubernetes is currently active, based on 27 CVEs in the last two years.
- What is the average severity of kubernetes's CVEs?
- The average CVSS base score across kubernetes's scored CVEs is 6.3.
- How many critical CVEs has kubernetes published?
- kubernetes has published 7 critical-severity CVEs and 38 high-severity CVEs.
- Are any of kubernetes's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- No. None of kubernetes's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- What are the most common weakness types in kubernetes's CVEs?
- kubernetes's CVEs most often map to these CWE weakness types: CWE-20 (Improper Input Validation), CWE-532 (Insertion of Sensitive Information into Log File), CWE-798 (Use of Hard-coded Credentials), CWE-61 (UNIX Symbolic Link (Symlink) Following).
- How does kubernetes rank among CNAs?
- By total CVE volume, kubernetes ranks #126 of 370 CNAs, and it reports more complete CVE records than 47% of all CNAs.