What is the odoo CNA?
odoo is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 34 CVE records since 2019.
How many CVEs has odoo published?
odoo has published 34 CVE records, including 2 in the last two years.
What is odoo's CVE data quality grade?
RadicalNotion.AI grades odoo's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
What products does odoo publish CVEs for?
odoo most frequently publishes CVEs for odoo, Odoo Enterprise, Odoo Community, odoo_community, odoo_enterprise.
Which vendors does odoo cover?
odoo publishes CVEs across 1 distinct vendors, most often Odoo, Bitnami, python.
Is odoo actively publishing CVEs?
odoo is currently active, based on 2 CVEs in the last two years.
What is the average severity of odoo's CVEs?
The average CVSS base score across odoo's scored CVEs is 7.1.
How many critical CVEs has odoo published?
odoo has published 1 critical-severity CVEs and 17 high-severity CVEs.
Are any of odoo's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of odoo's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in odoo's CVEs?
odoo's CVEs most often map to these CWE weakness types: CWE-284 (Improper Access Control), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-267 (Privilege Defined With Unsafe Actions), CWE-20 (Improper Input Validation).
How does odoo rank among CNAs?
By total CVE volume, odoo ranks #207 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.
