Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Apache Software Foundation — Vulnerabilities & Security Advisories 1685

Browse all 1685 CVE security advisories affecting Apache Software Foundation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Apache Software Foundation:Apache AirflowApache HTTP ServerApache TomcatApache SupersetApache Traffic ServerApache NiFiApache OFBizApache InLongApache DolphinSchedulerApache OpenOfficeApache CloudStackApache StrutsApache SolrApache OpenMeetingsApache ZeppelinApache CamelApache CXFApache HadoopApache FineractApache GeodeApache JSPWikiApache KylinApache DubboApache PulsarApache AmbariApache HiveApache SparkApache ActiveMQApache TikaApache Ranger
CVE IDTitleCVSSSeverityPublished
CVE-2020-17531 Deserialization flaw in EOL Tapestry 4. — Apache TapestryCWE-502 9.8 -2020-12-08
CVE-2020-17521 Apache Groovy 安全漏洞 — Apache Groovy 4.3 -2020-12-07
CVE-2020-13945 Apache Apisix 安全漏洞 — Apache APISIX 6.5 -2020-12-07
CVE-2020-17527 Apache Tomcat: Request header mix-up between HTTP/2 streams — Apache TomcatCWE-200 7.5 -2020-12-03
CVE-2020-13942 Remote Code Execution in Apache Unomi — Apache UnomiCWE-20 9.1 -2020-11-24
CVE-2020-13954 Apache CXF Reflected XSS in the services listing page via the styleSheetPath — Apache CXFCWE-79 6.1 -2020-11-12
CVE-2020-9485 Apache Airflow 跨站脚本漏洞 — Apache Airflow 5.4 -2020-07-16
CVE-2020-11983 Apache Airflow 跨站脚本漏洞 — Apache Airflow 5.4 -2020-07-16
CVE-2020-11982 Apache Airflow 代码问题漏洞 — Apache Airflow 9.8 -2020-07-16
CVE-2020-11981 Apache Airflow 操作系统命令注入漏洞 — Apache Airflow 9.8 -2020-07-16
CVE-2020-11978 Apache Airflow 操作系统操作系统命令注入漏洞 — Apache Airflow 8.8 -2020-07-16
CVE-2020-9494 Apache Traffic Server 缓冲区错误漏洞 — Apache Traffic Server 7.5 -2020-06-24
CVE-2020-9480 Apache Spark 访问控制错误漏洞 — Apache Spark 9.8 -2020-06-23
CVE-2020-11989 Apache Shiro 授权问题漏洞 — Apache Shiro 9.8 -2020-06-22
CVE-2020-1947 Apache ShardingSphere 代码问题漏洞 — Apache ShardingSphere(incubator) 9.8 -2020-03-11
CVE-2015-2992 Apache Struts 跨站脚本漏洞 — Apache Struts 6.1 -2020-02-27
CVE-2020-1930 Apache SpamAssassin 操作系统命令注入漏洞 — Apache SpamAssassin 7.5 -2020-01-30
CVE-2020-1931 Apache SpamAssassin 操作系统命令注入漏洞 — Apache SpamAssassin 8.1 -2020-01-30
CVE-2020-1940 Apache Jackrabbit Oak 信息泄露漏洞 — Apache Jackrabbit Oak 7.5 -2020-01-28
CVE-2020-1932 Apache Superset 信息泄露漏洞 — Apache Superset 6.5 -2020-01-28
CVE-2020-1933 Apache NiFi 跨站脚本漏洞 — Apache NiFi 6.1 -2020-01-28
CVE-2020-1928 Apache NiFi 日志信息泄露漏洞 — Apache NiFi 7.5 -2020-01-28
CVE-2020-1925 Apache Olingo 代码问题漏洞 — Apache Olingo 7.5 -2020-01-09
CVE-2019-12418 Apache Tomcat 安全漏洞 — Apache Tomcat 7.0 -2019-12-23
CVE-2019-17563 Apache Tomcat 授权问题漏洞 — Apache Tomcat 7.5 -2019-12-23
CVE-2019-17571 Apache Log4j 代码问题漏洞 — Log4jCWE-502 8.1 -2019-12-20
CVE-2018-1311 Apache Xerces-C 资源管理错误漏洞 — Apache Xerces-C 8.1 -2019-12-18
CVE-2019-12408 Apache Arrow 代码问题漏洞 — Apache Arrow--2019-11-08
CVE-2019-12410 Apache Arrow 代码问题漏洞 — Apache Arrow 7.5 -2019-11-08
CVE-2019-10084 Apache Impala 访问控制错误漏洞 — Impala 7.5 -2019-11-05

This page lists every published CVE security advisory associated with Apache Software Foundation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.