- How many CVEs does openSUSE have?
- openSUSE has 3,314 published CVE records since 2007, including 16 in the last two years.
- How many openSUSE CVEs are in CISA KEV?
- Yes — 58 of openSUSE's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which openSUSE products have the most CVEs?
- The openSUSE products with the most published CVEs are Leap, opensuse, backports sle, backports, evergreen.
- What are the most common weakness types in openSUSE CVEs?
- openSUSE's CVEs most often map to these CWE weakness types: CWE-125 (Out-of-bounds Read), CWE-20 (Improper Input Validation), CWE-59 (Improper Link Resolution Before File Access ('Link Following')), CWE-416 (Use After Free).
- Are there public exploits for openSUSE vulnerabilities?
- Yes — 307 of openSUSE's CVEs have a known public exploit.
- How many critical openSUSE vulnerabilities are there?
- openSUSE has 460 critical and 1,246 high-severity CVEs.
- What is the average severity of openSUSE CVEs?
- The average CVSS base score across openSUSE's scored CVEs is 6.9.