Comparison Overview

Hainan Airlines

VS

China Eastern Airlines, North America

Hainan Airlines

Comprehensive Office Building No.21,Hainan Airlines Haikou Meilan Base, No.9, Meilan Airport Road, haikou, hainan, CN
Last Update: 2025-12-10
View Profile
Between 750 and 799
http://www.hnair.com

Hainan Airlines holding company was established in 1993 from their main base in Haikou, and continued on to develop seven shipping bases in China with routes covering Asia and radiating into Europe, North America, Oceania and Africa. In all, Hainan Airlines has opened up almost 500 domestic and international flight routes, reaching almost 100 destinations. For over 20 years Hainan Airlines has embraced the concept of “Oriental hospitality” and advocates a “respect for the customer” service spirit. As a world-class aviation enterprise the “cherished experience” brand philosophy isn’t just our business, it’s our calling. Each year, Hainan Airlines provides thousands of passengers with safe, attentive service. We promote tourism, give peace of mind to loved-ones, meet the unique needs of our business travelers, and focus on making your safety and comfort, our priority. Today Hainan Airlines has over 10,000 employees all over the world, each with their own language, experience, and story. HNA cherishes each and every employee's knowledge and wholeheartedly respects each employee’s contribution. Our next milestone at Hainan Airlines is global diversification and the aggressive development of an international perspective. We can offer challenges, passion and possibilities and in return, we need your vision, experience and creativity.

NAICS: 481
NAICS Definition: Air Transportation
Employees: 3,465
Subsidiaries: 20
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

China Eastern Airlines, North America

Hongqiao International Airport Shanghai, CN
Last Update: 2025-12-09
Between 750 and 799
https://us.ceair.com

As one of the three major air carriers in China, headquartered in Shanghai, China Eastern Airlines operates 111 domestic and overseas branches across the globe. Flying a fleet of 730 aircraft which is one of the youngest fleets in major airlines worldwide. Moreover, it boasts the largest-scale in-flight Wi-Fi wide-bodied fleet with leading commercial and technical models in China. The annual passenger turnover of CEA exceeds more than 130 million, ranking top 10 among global airlines As an official member of SkyTeam, China Eastern has extended its flight network from Shanghai to 1036 cities in 170 countries via close cooperation with alliance members. Frequent Flyer of Eastern Miles are privileged with 790 lounges worldwide within all 19 SkyTeam member airlines. China Eastern serves non-stop flights from Los Angeles, New York, San Francisco, Chicago, Vancouver and Toronto to Shanghai, along with the comprehensive flight network covering more than 110 cities in China, connecting Asia, Europe and Oceania. Focusing on providing high-quality aviation transport service, China Eastern has won awards at home and abroad in the fields of operation quality, service experience, CSR, etc., including the Flight Safety Diamond Award by CAAC - the highest flight safety award in China, nine consecutive years of Top 50 Most Valuable Chinese Brands by the Brand Rating Agency WPP, four consecutive years’ nomination of “Global Top 500 Most Valuable Brand” by UK's Brand Rating Agency - Brand Finance, two consecutive years of Top 20 Chinese Enterprises Global Image Award-ranking first in the transportation industry. Additionally, China Eastern got the A rating in the latest ESG (Environmental, Social and Governance) criteria and listed the first place along with other five airlines, according to global index compiler MSCI.

NAICS: 481
NAICS Definition: Air Transportation
Employees: 10,001
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/china-hainan-airlines.jpeg
Hainan Airlines
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/china-eastern-airlines-north-america.jpeg
China Eastern Airlines, North America
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Hainan Airlines
100%
Compliance Rate
0/4 Standards Verified
China Eastern Airlines, North America
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Airlines and Aviation Industry Average (This Year)

No incidents recorded for Hainan Airlines in 2025.

Incidents vs Airlines and Aviation Industry Average (This Year)

No incidents recorded for China Eastern Airlines, North America in 2025.

Incident History — Hainan Airlines (X = Date, Y = Severity)

Hainan Airlines cyber incidents detection timeline including parent company and subsidiaries

Incident History — China Eastern Airlines, North America (X = Date, Y = Severity)

China Eastern Airlines, North America cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/china-hainan-airlines.jpeg
Hainan Airlines
Incidents

No Incident

https://images.rankiteo.com/companyimages/china-eastern-airlines-north-america.jpeg
China Eastern Airlines, North America
Incidents

No Incident

FAQ

China Eastern Airlines, North America company demonstrates a stronger AI Cybersecurity Score compared to Hainan Airlines company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, China Eastern Airlines, North America company has disclosed a higher number of cyber incidents compared to Hainan Airlines company.

In the current year, China Eastern Airlines, North America company and Hainan Airlines company have not reported any cyber incidents.

Neither China Eastern Airlines, North America company nor Hainan Airlines company has reported experiencing a ransomware attack publicly.

Neither China Eastern Airlines, North America company nor Hainan Airlines company has reported experiencing a data breach publicly.

Neither China Eastern Airlines, North America company nor Hainan Airlines company has reported experiencing targeted cyberattacks publicly.

Neither Hainan Airlines company nor China Eastern Airlines, North America company has reported experiencing or disclosing vulnerabilities publicly.

Neither Hainan Airlines nor China Eastern Airlines, North America holds any compliance certifications.

Neither company holds any compliance certifications.

Hainan Airlines company has more subsidiaries worldwide compared to China Eastern Airlines, North America company.

China Eastern Airlines, North America company employs more people globally than Hainan Airlines company, reflecting its scale as a Airlines and Aviation.

Neither Hainan Airlines nor China Eastern Airlines, North America holds SOC 2 Type 1 certification.

Neither Hainan Airlines nor China Eastern Airlines, North America holds SOC 2 Type 2 certification.

Neither Hainan Airlines nor China Eastern Airlines, North America holds ISO 27001 certification.

Neither Hainan Airlines nor China Eastern Airlines, North America holds PCI DSS certification.

Neither Hainan Airlines nor China Eastern Airlines, North America holds HIPAA certification.

Neither Hainan Airlines nor China Eastern Airlines, North America holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 8.1
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
References
Description

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 2.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
References
Description

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 4.5
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L
References
Description

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 5.8
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
References