ASF Project Security Information

Pages maintained by ASF projects to provide information on known security vulnerabilities are listed below. The security contact for reporting new vulnerabilities is also shown. Note that whilst all projects have a security team, not all project security teams have a dedicated address for reporting new vulnerabilities.

To report a vulnerability in an Apache project that is not listed below, please contact the Apache Security Team.

Apache project Security Contact
Apache HTTP Server Apache Security Team
Apache Portable Runtime (APR) Apache Security Team
Apache CloudStack Apache CloudStack Security Team
Apache Geronimo Apache Geronimo Security Team
Apache OpenOffice Apache OpenOffice Security Team
Apache Sling Apache Sling Security Team
Apache Struts Apache Struts Security Team
Apache Tomcat Apache Tomcat Security Team