What is the Octopus CNA?
Octopus is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 62 CVE records since 2021.
How many CVEs has Octopus published?
Octopus has published 62 CVE records, including 16 in the last two years.
What is Octopus's CVE data quality grade?
RadicalNotion.AI grades Octopus's CVE data quality as C, with an overall completeness score of 70.2%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (30.6%), and CWE (50%) information.
What products does Octopus publish CVEs for?
Octopus most frequently publishes CVEs for Octopus Server, windows, linux kernel, server, octopus deploy.
Which vendors does Octopus cover?
Octopus publishes CVEs across 2 distinct vendors, most often Octopus Deploy, octopus, microsoft, linux, octopusdeploy.
Is Octopus actively publishing CVEs?
Octopus is currently active, based on 16 CVEs in the last two years.
What is the average severity of Octopus's CVEs?
The average CVSS base score across Octopus's scored CVEs is 4.7.
How many critical CVEs has Octopus published?
Octopus has published 3 critical-severity CVEs and 7 high-severity CVEs.
Are any of Octopus's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of Octopus's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in Octopus's CVEs?
Octopus's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-209 (Generation of Error Message Containing Sensitive Information), CWE-863 (Incorrect Authorization), CWE-532 (Insertion of Sensitive Information into Log File).
How does Octopus rank among CNAs?
By total CVE volume, Octopus ranks #150 of 370 CNAs, and it reports more complete CVE records than 20% of all CNAs.
