- What is the openjs CNA?
- openjs is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 5 CVE records since 2025.
- How many CVEs has openjs published?
- openjs has published 5 CVE records, including 5 in the last two years.
- What is openjs's CVE data quality grade?
- RadicalNotion.AI grades openjs's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
- What products does openjs publish CVEs for?
- openjs most frequently publishes CVEs for Red Hat Enterprise Linux 9, undici, Red Hat OpenShift AI (RHOAI), Red Hat Enterprise Linux 10, Self-service automation portal 2.
- Which vendors does openjs cover?
- openjs publishes CVEs across 8 distinct vendors, most often fastify, Red Hat, Node.js, undici, expressjs.
- Is openjs actively publishing CVEs?
- openjs is currently active, based on 5 CVEs in the last two years.
- What is the average severity of openjs's CVEs?
- The average CVSS base score across openjs's scored CVEs is 5.7.
- How many critical CVEs has openjs published?
- openjs has published 10 critical-severity CVEs and 28 high-severity CVEs.
- Are any of openjs's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- No. None of openjs's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- What are the most common weakness types in openjs's CVEs?
- openjs's CVEs most often map to these CWE weakness types: CWE-436 (Interpretation Conflict), CWE-400 (Uncontrolled Resource Consumption), CWE-248 (Uncaught Exception), CWE-770 (Allocation of Resources Without Limits or Throttling).
- How does openjs rank among CNAs?
- By total CVE volume, openjs ranks #357 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.