Apache
Security Scorecard
Score
9F
Total CVEs
943
Patch Rate
6%
55 patched
Avg Response
459d
days to patch
Critical Gaps
21
exploitable, no detection
Severity Breakdown
Critical4
High19
Medium67
Low0
Patch Status
Patched55 (6%)
Partial/Workaround5 (1%)
Unpatched883 (94%)
CVEs (949)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2014-4641 | Apache HTTP Server Remote Code Execution Vulnerability | N/A | - | 3996d | Unpatched |
| CVE-2014-4640 | Apache Struts 2.x Vulnerability | N/A | - | 3996d | Unpatched |
| CVE-2013-6998 | Apache Log4j Remote Code Execution Vulnerability | N/A | - | 4007d | Unpatched |
| CVE-2014-3605 | Apache HTTP Server Remote File Inclusion Vulnerability | N/A | - | 4039d | Unpatched |
| CVE-2014-3671 | Unpatched Apache Kafka | N/A | - | 4082d | Unpatched |
| CVE-2013-2644 | Apache HTTP Server Remote File Inclusion Vulnerability | N/A | - | 4090d | Unpatched |
| CVE-2014-7227 | Unpatched Remote Code Execution in Apache Commons Pool | N/A | - | 4092d | Unpatched |
| CVE-2014-3659 | CVE-2014-3659 - "Apache Struts Vulnerability" | N/A | - | 4100d | Unpatched |
| CVE-2014-5880 | Apache Log4Shell | N/A | - | 4282d | Unpatched |
| CVE-2014-0070 | Zero-Day RCE in a Legacy Java Library | N/A | - | 4310d | Unpatched |