Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Apache — Vulnerabilities & Security Advisories 91

Browse all 91 CVE security advisories affecting Apache. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Apache:Apache TomcatApache HTTP ServerApache OFBizApache TikaOFBizVCLOlingoApache CXFApache JSPWikiApache ArchivaApache TapestryApache ThriftCXFApache CamelKafkaApache SpamAssassinApache SolrApache FineractStormSolrHertzBeatShiroApache DubboApache XML-RPCATSBeamApache KylinIoTDBApache Commons ConfigurationKylin
CVE IDTitleCVSSSeverityPublished
CVE-2025-58712 Amq: privilege escalation via excessive /etc/passwd permissions — activemq-artemisCWE-276 6.4 Medium2025-10-22
CVE-2024-42362 GHSL-2023-255: HertzBeat Authenticated (user role) RCE via unsafe deserialization in /api/monitors/import — HertzBeatCWE-502 8.8 High2024-08-20
CVE-2024-42361 GHSL-2023-256: HertzBeat Authenticated (guest role) SQL injection in /api/monitor/{monitorId}/metric/{metricFull} — HertzBeatCWE-89 7.5 High2024-08-20
CVE-2021-32824 Regular expression Denial of Service in MooTools — DubboCWE-502 9.8 Critical2023-01-03
CVE-2021-25958 Generation of Error Message Containing Sensitive Information in Apache OFBiz — ofbiz-frameworkCWE-209 6.5 Medium2021-08-30
CVE-2020-11996 Apache Tomcat 资源管理错误漏洞 — Apache Tomcat 7.5 -2020-06-26
CVE-2020-1956 Apache Kylin 操作系统命令注入漏洞 — Kylin 8.8 -2020-05-22
CVE-2019-0235 Apache OFBiz 跨站请求伪造漏洞 — Apache OFBiz 8.8 -2020-04-30
CVE-2019-12425 Apache OFBiz 注入漏洞 — Apache OFBiz 7.5 -2020-04-30
CVE-2020-9482 Apache NiFi Registry 代码问题漏洞 — Apache NiFi Registry 7.1 -2020-04-28
CVE-2020-9481 Apache Traffic Server 资源管理错误漏洞 — ATS--2020-04-27
CVE-2020-1952 Apache IoTDB 信任管理问题漏洞 — IoTDB 9.8 -2020-04-27
CVE-2020-9488 Apache Log4j 信任管理问题漏洞 — Apache Log4j 3.7 -2020-04-27
CVE-2020-1927 Apache HTTP Server 输入验证错误漏洞 — Apache HTTP ServerCWE-601 6.1 -2020-04-01
CVE-2020-1958 Apache Druid 注入漏洞 — Apache Druid 6.5 -2020-04-01
CVE-2019-17564 Apache Dubbo 安全漏洞 — Apache Dubbo 9.8 -2020-04-01
CVE-2018-11802 Apache Solr 安全漏洞 — Apache Solr 7.1 -2020-04-01
CVE-2020-1954 Apache CXF 信息泄露漏洞 — Apache CXF 5.9 -2020-04-01
CVE-2020-1934 Apache HTTP Server 安全漏洞 — Apache HTTP Server 7.5 -2020-04-01
CVE-2020-1943 Apache OFBiz 跨站脚本漏洞 — Apache OFBiz 6.1 -2020-04-01
CVE-2020-1950 Apache Tika 资源管理错误漏洞 — Apache Tika 5.5 -2020-03-23
CVE-2020-1953 Apache Commons Configuration 输入验证错误漏洞 — Apache Commons Configuration 9.8 -2020-03-13
CVE-2011-2487 Apache WSS4J 加密问题漏洞 — WSS4J 5.9 -2020-03-11
CVE-2020-1938 Apache Tomcat 安全漏洞 — Apache Tomcat 9.8 -2020-02-24
CVE-2020-1935 Apache Tomcat 环境问题漏洞 — Apache Tomcat 4.8 -2020-02-24
CVE-2019-17569 Apache Tomcat 环境问题漏洞 — Apache Tomcat 4.8 -2020-02-24
CVE-2020-1937 Apache Kylin SQL注入漏洞 — Apache Kylin 9.8 -2020-02-24
CVE-2014-4651 Rackspace jclouds 输入验证错误漏洞 — Apache jclouds 9.8 -2020-02-18
CVE-2019-12426 Apache OFBiz 信息泄露漏洞 — Apache OFBiz 5.3 -2020-02-06
CVE-2019-17570 Apache XML-RPC 代码问题漏洞 — Apache XML-RPC 9.8 -2020-01-23

This page lists every published CVE security advisory associated with Apache. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.