What is the ODA CNA?
ODA is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 5 CVE records since 2023.
How many CVEs has ODA published?
ODA has published 5 CVE records, including 3 in the last two years.
What is ODA's CVE data quality grade?
RadicalNotion.AI grades ODA's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
What products does ODA publish CVEs for?
ODA most frequently publishes CVEs for drawings sdk, CDE Server, CDE inWEB SDK, ODA Drawings SDK - All Versions < 2024.12, ODA Drawings SDK - All Versions < 2025.10.
Which vendors does ODA cover?
ODA publishes CVEs across 1 distinct vendors, most often Open Design Alliance, opendesign.
Is ODA actively publishing CVEs?
ODA is currently active, based on 3 CVEs in the last two years.
What is the average severity of ODA's CVEs?
The average CVSS base score across ODA's scored CVEs is 7.5.
Are any of ODA's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of ODA's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in ODA's CVEs?
ODA's CVEs most often map to these CWE weakness types: CWE-787 (Out-of-bounds Write), CWE-125 (Out-of-bounds Read), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-457 (Use of Uninitialized Variable).
How does ODA rank among CNAs?
By total CVE volume, ODA ranks #357 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.
