What is the mozilla CNA?
mozilla is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 2,210 CVE records since 2013.
How many CVEs has mozilla published?
mozilla has published 2,210 CVE records, including 411 in the last two years.
What is mozilla's CVE data quality grade?
RadicalNotion.AI grades mozilla's CVE data quality as F, with an overall completeness score of 43.6%. This reflects how consistently its CVE records include vendor (72.5%), product (72.8%), CVSS (0.2%), and CWE (28.9%) information.
What products does mozilla publish CVEs for?
mozilla most frequently publishes CVEs for Firefox, Thunderbird, Firefox ESR, debian linux, ubuntu linux.
Which vendors does mozilla cover?
mozilla publishes CVEs across 4 distinct vendors, most often Mozilla, debian, canonical, opensuse, redhat.
Is mozilla actively publishing CVEs?
mozilla is currently active, based on 411 CVEs in the last two years.
What is the average severity of mozilla's CVEs?
The average CVSS base score across mozilla's scored CVEs is 5.4.
How many critical CVEs has mozilla published?
mozilla has published 186 critical-severity CVEs and 374 high-severity CVEs.
Are any of mozilla's CVEs in CISA's Known Exploited Vulnerabilities catalog?
Yes. 12 of mozilla's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
What are the most common weakness types in mozilla's CVEs?
mozilla's CVEs most often map to these CWE weakness types: CWE-416 (Use After Free), CWE-787 (Out-of-bounds Write), CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).
How does mozilla rank among CNAs?
By total CVE volume, mozilla ranks #23 of 370 CNAs, and it reports more complete CVE records than 5% of all CNAs.
