Messages by Date
-
2024/07/22
CVE-2024-29070: Apache StreamPark: session not invalidated after logout
Huajie Wang
-
2024/07/22
[ANNOUNCE] Apache Pulsar Go Client 0.13.0 released
Zike Yang
-
2024/07/22
[ANNOUNCE] Apache Kyuubi Shaded released 0.4.1
Cheng Pan
-
2024/07/22
[ANN] Apache Syncope 3.0.8
Francesco Chicchiriccò
-
2024/07/22
CVE-2024-38503: Apache Syncope: HTML tags can be injected into Console or Enduser text fields
Francesco Chicchiriccò
-
2024/07/22
CVE-2024-34457: Apache StreamPark IDOR Vulnerability
Huajie Wang
-
2024/07/22
CVE-2024-23321: Apache RocketMQ: Unauthorized Exposure of Sensitive Data
Rongtong Jin
-
2024/07/20
Apache Submarine is now retired
Hervé Boutemy
-
2024/07/19
[ANNOUNCE] Apache Qpid protonj2 1.0.0-M21 released
Timothy Bish
-
2024/07/19
[ANNOUNCE] Apache bRPC 1.10.0 released
Xiaofeng
-
2024/07/19
[ANNOUNCE] Apache CloudStack CVE-2024-41107: SAML Signature Exclusion
Abhishek Kumar
-
2024/07/19
CVE-2024-32007: Apache CXF Denial of Service vulnerability in JOSE
Colm O hEigeartaigh
-
2024/07/19
CVE-2024-41172: Unrestricted memory consumption in CXF HTTP clients
Colm O hEigeartaigh
-
2024/07/19
CVE-2024-29736: Apache CXF: SSRF vulnerability via WADL stylesheet parameter
Colm O hEigeartaigh
-
2024/07/19
CVE-2024-41107: Apache CloudStack: SAML Signature Exclusion
Rohit Yadav
-
2024/07/19
[ANNOUNCE] Apache Arrow 17.0.0 released
Raúl Cumplido
-
2024/07/18
[ANNOUNCE] Apache Commons Lang Version 3.15.0
Gary Gregory
-
2024/07/18
CVE-2024-29178: Apache StreamPark: FreeMarker SSTI RCE Vulnerability
Huajie Wang
-
2024/07/17
CVE-2024-40898: Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows
Eric Covener
-
2024/07/17
CVE-2024-40725: Apache HTTP Server: source code disclosure with handlers configured via AddType
Eric Covener
-
2024/07/17
CVE-2024-29120: Apache StreamPark: Information leakage vulnerability
Huajie Wang
-
2024/07/17
[ANNOUNCE] Apache Tika 3.0.0-BETA2 released
Tim Allison
-
2024/07/16
CVE-2024-29737: Apache StreamPark (incubating): maven build params could trigger remote command execution
Huajie Wang
-
2024/07/16
CVE-2023-52291: Apache StreamPark (incubating): Unchecked maven build params could trigger remote command execution
Huajie Wang
-
2024/07/16
[ANNOUNCE] Apache StreamPipes 0.95.1
Dominik Riemer
-
2024/07/16
CVE-2024-31979: Apache StreamPipes: Possibility of SSRF in pipeline element installation process
Dominik Riemer
-
2024/07/16
CVE-2024-31411: Apache StreamPipes: Potential remote code execution (RCE) via file upload
Dominik Riemer
-
2024/07/16
CVE-2024-30471: Apache StreamPipes: Potential creation of multiple identical accounts
Dominik Riemer
-
2024/07/16
[ANNOUNCE] Apache Linkis 1.6.0 released
peacewong
-
2024/07/16
[ANNOUNCE] Apache Commons RNG 1.6 released
Alex Herbert
-
2024/07/16
[ANNOUNCE] Apache Airflow 2.9.3 Released
Utkarsh Sharma
-
2024/07/16
CVE-2024-39877: Apache Airflow: DAG Author Code Execution possibility in airflow-scheduler
Ephraim Anierobi
-
2024/07/16
CVE-2024-39863: Apache Airflow: Potential XSS Vulnerability
Ephraim Anierobi
-
2024/07/16
CVE-2024-39887: Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions
Daniel Gaspar
-
2024/07/16
[ANNOUNCE] Apache Uniffle (Incubating) 0.9.0 available
Enrico Minack
-
2024/07/16
[ANNOUNCE] Apache Commons Codec 1.17.1
Gary Gregory
-
2024/07/15
CVE-2023-52290: Apache StreamPark (incubating): Unchecked SQL query fields trigger SQL injection vulnerability
Huajie Wang
-
2024/07/15
[ANNOUNCE] Apache Camel 4.7.0 Released
Gregor Zurowski
-
2024/07/15
[ANN] Apache Tomcat 10.1.26 Available
Christopher Schultz
-
2024/07/15
[ANNOUNCE] Apache Airflow Providers prepared on July 12, 2024 are released
Elad Kalif
-
2024/07/15
[ANNOUNCE] Release Apache SkyWalking Client JS version 0.12.0
xue fan
-
2024/07/13
CVE-2023-49566: Apache Linkis DataSource: JDBC Datasource Module with DB2 has JNDI Injection vulnerability
Heping Wang
-
2024/07/13
CVE-2023-46801: Apache Linkis DataSource: Remote code execution vulnerability in apache Linkis 1.4.0
Heping Wang
-
2024/07/13
CVE-2023-41916: Apache Linkis DataSource: DatasourceManager module has a JDBC parameter judgment logic vulnerability that allows for arbitrary file reading
Heping Wang
-
2024/07/12
[ANNOUNCE] Apache Airflow Providers prepared on July 09, 2024 are released
Elad Kalif
-
2024/07/12
[ANNOUNCE] Apache Pekko Connectors 1.1.0-M1 released
PJ Fanning
-
2024/07/12
[ANNOUNCE] Apache Jackrabbit Oak 1.66.0 released
Julian Reschke
-
2024/07/12
CVE-2024-36522: Apache Wicket: Remote code execution via XSLT injection
Martin Tzvetanov Grigorov
-
2024/07/09
[ANNOUNCE] Apache NiFi 1.27.0 Released
David Handermann
-
2024/07/08
[ANNOUNCE] Apache Bigtop 3.3.0 released
Masatake Iwasaki
-
2024/07/08
[ANNOUNCE] Apache Pulsar Node.js client 1.11.1 released
Baodi Shi
-
2024/07/08
[ANN] Apache Causeway version 2.1.0 and 3.1.0 Released
Dan Haywood
-
2024/07/08
[ANN] Apache Tomcat 9.0.91 available
Rémy Maucherat
-
2024/07/07
CVE-2024-37389: Apache NiFi: Improper Neutralization of Input in Parameter Context Description
David Handermann
-
2024/07/07
[ANNOUNCE] Release Apache OpenDAL 0.47.3
Xuanwo
-
2024/07/07
[SECURITY] CVE-2024-34750 Apache Tomcat - Denial of Service
Mark Thomas
-
2024/07/05
[ANN] Apache Tomcat 11.0.0-M22 (beta) available
Mark Thomas
-
2024/07/05
[ANNOUNCE] Apache CloudStack LTS Security Releases 4.18.2.1 and 4.19.0.2
Abhishek Kumar
-
2024/07/05
[ANNOUNCE] Apache Airflow Providers prepared on July 02, 2024 are released
Jarek Potiuk
-
2024/07/05
[ANNOUNCE] Apache ServiceComb Java Chassis version 3.2.0 Released
liubao
-
2024/07/05
[ANNOUNCE] Apache ServiceComb Java Chassis version 2.8.18 Released
liubao
-
2024/07/05
[ANNOUNCE] Apache Arrow ADBC 13 released
David Li
-
2024/07/04
[ANNOUNCE] Apache Commons Logging 1.3.3
Gary Gregory
-
2024/07/03
[ANNOUNCEMENT] Apache HTTP Server 2.4.61 Released
covener
-
2024/07/03
CVE-2024-39884: Apache HTTP Server: source code disclosure with handlers configured via AddType
Eric Covener
-
2024/07/03
[ANNOUNCEMENT] HttpComponents Core 5.2.5 GA released
Oleg Kalnichevski
-
2024/07/02
[ANNOUNCE] Release Apache OpenDAL 0.47.2
Xuanwo
-
2024/07/02
[ANNOUNCE] Apache POI 5.3.0 release
PJ Fanning
-
2024/07/02
[ANNOUNCEMENT] Apache HTTP Server 2.4.60 Released
covener
-
2024/07/01
[ANNOUNCE] Apache NiFi 2.0.0-M4 Released
David Handermann
-
2024/07/01
CVE-2024-39573: Apache HTTP Server: mod_rewrite proxy handler substitution
Eric Covener
-
2024/07/01
CVE-2024-38477: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request
Eric Covener
-
2024/07/01
CVE-2024-38476: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect
Eric Covener
-
2024/07/01
CVE-2024-38474: Apache HTTP Server weakness with encoded question marks in backreferences
Eric Covener
-
2024/07/01
CVE-2024-38475: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path.
Eric Covener
-
2024/07/01
CVE-2024-38473: Apache HTTP Server proxy encoding problem
Eric Covener
-
2024/07/01
CVE-2024-38472: Apache HTTP Server on WIndows UNC SSRF
Eric Covener
-
2024/07/01
CVE-2024-36387: Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2
Eric Covener
-
2024/07/01
[ANNOUNCE] Apache Kafka 3.7.1
Igor Soarez
-
2024/06/30
[ANNOUNCE] Apache IoTDB 1.3.2 released
Haonan Hou
-
2024/06/30
[ANNOUNCE] Apache Commons Email Parent POM 2.0.0-M1
Gary Gregory
-
2024/06/30
[ANNOUNCE] Apache Groovy 5.0.0-alpha-9 Released
Paul King
-
2024/06/30
[ANNOUNCE] Apache Groovy 4.0.22 Released
Paul King
-
2024/06/30
[ANNOUNCE] Apache Groovy 3.0.22 Released
Paul King
-
2024/06/29
[ANNOUNCE] Apache Doris 2.0.12 & 2.1.4 release
ChenMingyu
-
2024/06/28
[ANNOUNCE] Apache Camel 4.4.3 (LTS) Released
Gregor Zurowski
-
2024/06/27
[ANNOUNCE] Apache Lucene 9.11.1 released
Ignacio Vera
-
2024/06/27
[ANNOUNCE] Apache Airflow Providers prepared on June 22, 2024 are released
Elad Kalif
-
2024/06/27
[ANNOUNCEMENT] HttpComponents Client 5.4-beta1 Released
Oleg Kalnichevski
-
2024/06/26
[ANNOUNCE] Apache BookKeeper 4.17.1 released
ZhangJian He
-
2024/06/25
[ANNOUNCEMENT] HttpComponents Core 5.3-beta1 released
Oleg Kalnichevski
-
2024/06/25
[ANNOUNCE] Apache Pulsar C# Client DotPulsar 3.3.1 released
David Jensen
-
2024/06/25
CVE-2024-27136: Apache JSPWiki: Cross-site scripting vulnerability on upload page
Juan Pablo Santos Rodríguez
-
2024/06/24
[ANNOUNCE] Apache Pekko (Core) 1.0.3 released
PJ Fanning
-
2024/06/24
Fwd: [ANNOUNCE] Apache MINA SSHD 2.13.1 released
Guillaume Nodet
-
2024/06/23
[ANNOUNCE] Apache Drill 1.21.2 Released
James Turton
-
2024/06/23
[ANNOUNCE] Apache Camel 3.21.5 (LTS) Released
Gregor Zurowski
-
2024/06/22
CVE-2024-29868: Apache StreamPipes, Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation
Dominik Riemer
-
2024/06/22
[ANNOUNCE] Apache Impala 3.4.2 release
Quanlong Huang
-
2024/06/21
[ANNOUNCE] Apache Allura 1.17.1 released
Dave Brondsema
-
2024/06/21
CVE-2024-38379: Apache Allura: Stored authenticated XSS
David Philip Brondsema
-
2024/06/21
[ANNOUNCE] Release Apache OpenDAL v0.47.1
Xuanwo
-
2024/06/20
CVE-2024-34693: Apache Superset: Server arbitrary file read
Daniel Gaspar
-
2024/06/19
[ANNOUNCE] Apache Pekko Connectors Kafka 1.1.0-M1 released
PJ Fanning
-
2024/06/19
[ANN] Apache Tomcat 10.1.25 Available
Christopher Schultz
-
2024/06/19
[ANNOUNCE] Apache Ant 1.9.x release series EOL
Jaikiran Pai
-
2024/06/19
[ANN] Apache Tomcat 9.0.90 available
Rémy Maucherat
-
2024/06/18
[ANNOUNCE] Apache SDAP 1.3.0 Released
Riley Kuttruff
-
2024/06/18
[ANNOUNCE] Apache Commons Collections 4.5.0-M2
Gary Gregory
-
2024/06/18
[ANN] Apache Tomcat 11.0.0-M21 (beta) available
Mark Thomas
-
2024/06/18
[ANNOUNCE] Apache Pekko Management 1.1.0-M1 released
PJ Fanning
-
2024/06/18
[ANNOUNCE] Released Reactive client for Apache Pulsar, version 0.5.6
Chris Bono
-
2024/06/17
[ANNOUNCE] Apache StreamPipes 0.95.0
Dominik Riemer
-
2024/06/17
[ANNOUNCE] Apache James JSPF 1.0.4 released
Benoit TELLIER
-
2024/06/17
[ANNOUNCE] Apache Wicket 8.16.0 released
Andrea Del Bene
-
2024/06/15
[ANNOUNCE] Apache Curator 5.7.0 released
tison
-
2024/06/14
[ANNOUNCE] Apache Daffodil 3.8.0 Released
Mike Beckerle
-
2024/06/14
[ANNOUNCE] Apache Jackrabbit 2.22.0 released
Julian Reschke
-
2024/06/13
CVE-2024-25142: Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache
Jarek Potiuk
-
2024/06/12
CVE-2024-36265: Apache Submarine Server Core: authorization bypass
Arnout Engelen
-
2024/06/12
CVE-2024-36264: Apache Submarine Commons Utils: default secret
Arnout Engelen
-
2024/06/12
CVE-2024-36263: Apache Submarine Server Core: SQL injection
Arnout Engelen
-
2024/06/11
[ANNOUNCE] Apache Pekko Persistence JDBC 1.1.0-M1 released
PJ Fanning
-
2024/06/11
[ANNOUNCE] Apache Pekko gRPC 1.1.0-M1 released
PJ Fanning
-
2024/06/10
[ANNOUNCE] Apache Commons Configuration 2.11.0
Gary Gregory
-
2024/06/10
[ANNOUNCE] Apache Commons Net 3.11.1
Gary Gregory
-
2024/06/10
[ANNOUNCE] Release Apache OpenDAL 0.47.0
tison
-
2024/06/10
[ANNOUNCE] Apache Allura 1.17.0 released
Dave Brondsema
-
2024/06/10
CVE-2024-36471: Apache Allura: sensitive information exposure via DNS rebinding
David Philip Brondsema
-
2024/06/10
[ANNOUNCE] Apache Airflow 2.9.2 Released
Utkarsh Sharma
-
2024/06/10
[ANNOUNCE] Apache Pulsar C# Client DotPulsar 3.3.0 released
David Jensen
-
2024/06/09
[ANNOUNCE] Apache Airflow Providers prepared on June 07, 2024 are released
Elad Kalif
-
2024/06/07
[ANNOUNCE] Apache Lucene 9.11.0 released
Benjamin Trent
-
2024/06/06
[ANNOUNCE] Apache ServiceComb Java Chassis version 3.1.2 Released
liubao
-
2024/06/06
[ANNOUNCE] Apache Commons JEXL 3.4.0
Gary Gregory
-
2024/06/05
[ANNOUNCE] Apache Jackrabbit 2.21.27-beta released
Julian Reschke
-
2024/06/05
[ANNOUNCE] Apache Commons JEXL 3.4.0
Gary Gregory
-
2024/06/04
[ANNOUNCE] Apache Pulsar Helm Chart version 3.4.1 Released
Lari Hotari
-
2024/06/04
[ANNOUNCE] Apache NetBeans 22 released
Eric Barboni
-
2024/06/03
[ANNOUNCE] Apache Commons JCS 3.2.1
Thomas Vandahl
-
2024/06/02
CVE-2024-36104: Apache OFBiz: Path traversal leading to a RCE
Jacques Le Roux
-
2024/06/02
[ANNOUNCE] Apache Airflow Providers prepared on May 30, 2024 are released
Elad Kalif
-
2024/06/02
[ANNOUNCE] Apache Kyuubi released 1.9.1
Cheng Pan
-
2024/06/02
[ANNOUNCE] Apache FreeMarker 2.3.33 is released
Daniel Dekany
-
2024/06/02
[ANNOUNCE] Apache Wicket 9.18.0 released
Andrea Del Bene
-
2024/06/02
[ANNOUNCE] Apache Wicket 10.1.0 released
Andrea Del Bene
-
2024/05/31
[ANNOUNCE] Apache Commons Net 3.11.0
Gary Gregory
-
2024/05/31
[ANNOUNCE] Apache OFBiz 18.12.14 released
Jacopo Cappellato
-
2024/05/30
[ANNOUNCE] Release Apache Hop 2.9.0
Bart Maertens
-
2024/05/30
[ANNOUNCE] Apache Airflow Providers prepared on May 26, 2024 are released
Elad Kalif
-
2024/05/29
[ANNOUNCE] Apache Solr 9.6.1 released
Houston Putman
-
2024/05/29
[ANNOUNCE] Apache Arrow nanoarrow 0.5.0 Released
Dewey Dunnington
-
2024/05/27
[ANNOUNCE] Apache Jackrabbit Oak 1.64.0 released
Julian Reschke
-
2024/05/27
[ANNOUNCE] Apache Pekko HTTP 1.1.0-M1 released
PJ Fanning
-
2024/05/27
[ANNOUNCE] Apache XMLBeans 5.2.1 release
PJ Fanning
-
2024/05/26
[ANN] Apache Maven 3.9.7 released
Slawomir Jaranowski
-
2024/05/25
[ANNOUNCE] Apache Impala 4.4.0 release
Zoltán Borók-Nagy
-
2024/05/25
[ANNOUNCE] Apache HBase 2.4.18 is now available for download
Duo Zhang
-
2024/05/24
[ANNOUNCEMENT] Commons Daemon 1.4.0 Released
Mark Thomas
-
2024/05/23
[ANNOUNCE] Apache Commons CLI Version 1.8.0
Gary Gregory
-
2024/05/23
[ANN] Apache Syncope 3.0.7
Francesco Chicchiriccò
-
2024/05/22
[ANNOUNCE] Apache YuniKorn v1.5.1 released
Wilfred Spiegelenburg
-
2024/05/20
[ANNOUNCE] Apache Arrow ADBC 12 released
David Li
-
2024/05/19
[ANNOUNCE] Hive 2.x EOL
Ayush Saxena
-
2024/05/19
[ANNOUNCE] Apache Arrow 16.1.0 released
Raúl Cumplido
-
2024/05/19
[ANNOUNCE] Apache Pekko 1.1.0-M1 released
PJ Fanning
-
2024/05/18
[ANNOUNCE] Apache NiFi MiNiFi C++ 0.99.0 release
Gábor Gyimesi
-
2024/05/18
[ANNOUNCE] Apache Sedona 1.6.0 released
Jia Yu
-
2024/05/17
[ANNOUNCE] Apache Airflow Providers prepared on May 12, 2024 are released
Elad Kalif
-
2024/05/17
[ANNOUNCE] Apache Pulsar 3.2.3 released
Lari Hotari
-
2024/05/17
[ANNOUNCE] Apache Pulsar 3.0.5 released
Lari Hotari
-
2024/05/17
[ANNOUNCE] Apache Flink CDC 3.1.0 released
Qingsheng Ren
-
2024/05/17
[ANNOUNCE] Apache NiFi 2.0.0-M3 Released
David Handermann
-
2024/05/16
[ANNOUNCE] Released Reactive client for Apache Pulsar, version 0.5.5
Chris Bono
-
2024/05/16
[ANNOUNCE] Apache StormCrawler (Incubating) 3.0 released
Richard Zowalla
-
2024/05/15
[ANNOUNCE] Apache Commons Logging 1.3.2
Gary Gregory
-
2024/05/14
[ANNOUNCE] Apache ServiceComb Java Chassis version 3.1.1 Released
liubao
-
2024/05/14
CVE-2024-32077: Apache Airflow: XSS vulnerability in Task Instance Log/Log Details
Ephraim Anierobi
-
2024/05/13
[ANN] Apache Tomcat 10.1.24 Available
Christopher Schultz
-
2024/05/13
[ANNOUNCEMENT] Apache SkyWalking BanyanDB 0.6.0 Released
Hongtao Gao
-
2024/05/13
[ANNOUNCE] Apache SkyWalking 10.0.0 released
Sheng Wu
-
2024/05/13
[ANNOUNCE] Apache Jackrabbit 2.20.16 released
Julian Reschke
-
2024/05/10
[ANNOUNCE] Apache Camel 4.6.0 Released
Gregor Zurowski
-
2024/05/10
[ANNOUNCE] Apache Sedona 1.5.3 released
Jia Yu
-
2024/05/08
CVE-2024-34365: Apache Karaf Cave: Cave SSRF and arbitrary file access
Arnout Engelen
-
2024/05/08
CVE-2024-26579: Apache Inlong JDBC Vulnerability
Charles Zhang
-
2024/05/08
CVE-2024-32113: Apache OFBiz: Path traversal leading to RCE
Jacques Le Roux
-
2024/05/08
[ANN] Apache Tomcat 11.0.0-M20 (alpha) available
Mark Thomas
-
2024/05/07
[ANNOUNCE] Apache Sedona 1.5.2 released
Jia Yu
-
2024/05/07
[ANN] Apache Tomcat 9.0.89 available
Rémy Maucherat
-
2024/05/07
[ANNOUNCE] Apache SkyWalking BanyanDB Java Client 0.6.0 released
Hongtao Gao
-
2024/05/07
[ANNOUNCE] Apache OFBiz 18.12.13 released
Jacopo Cappellato
-
2024/05/07
CVE-2024-28148: Apache Superset: Incorrect datasource authorization on explore REST API
Daniel Gaspar
-
2024/05/07
[ANNOUNCE] Apache Calcite 1.37.0 released
Sergey Nuyanzin
-
2024/05/06
[ANNOUNCE] Apache Geronimo BatchEE 2.0.0
fpapon
-
2024/05/06
[ANNOUNCE] Apache Camel 3.22.2 (LTS) Released
Gregor Zurowski
-
2024/05/06
[ANNOUNCE] Apache Airflow 2.9.1 Released
Ephraim Anierobi
-
2024/05/06
[ANNOUNCE] Apache Airflow Providers prepared on May 01, 2024 are released
Elad Kalif
-
2024/05/05
Apache Archiva is now retired
Hervé Boutemy
-
2024/05/03
CVE-2023-35701: Apache Hive: Arbitrary command execution via JDBC driver
Stamatis Zampetakis