- How many CVEs does amazon have?
- amazon has 211 published CVE records since 2012, including 65 in the last two years.
- How many amazon CVEs are in CISA KEV?
- Yes — 2 of amazon's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which amazon products have the most CVEs?
- The amazon products with the most published CVEs are FreeRTOS, amazon web services freertos, fire os, opensearch, freertos-plus-tcp.
- What are the most common weakness types in amazon CVEs?
- amazon's CVEs most often map to these CWE weakness types: CWE-295 (Improper Certificate Validation), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-863 (Incorrect Authorization), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')).
- Are there public exploits for amazon vulnerabilities?
- Yes — 12 of amazon's CVEs have a known public exploit.
- How many critical amazon vulnerabilities are there?
- amazon has 25 critical and 108 high-severity CVEs.
- What is the average severity of amazon CVEs?
- The average CVSS base score across amazon's scored CVEs is 7.3.