Apache
Security Scorecard
Score
9F
Total CVEs
943
Patch Rate
6%
54 patched
Avg Response
275d
days to patch
Critical Gaps
21
exploitable, no detection
Severity Breakdown
Critical4
High19
Medium67
Low0
Patch Status
Patched54 (6%)
Partial/Workaround5 (1%)
Unpatched884 (94%)
CVEs (949)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-1999-0107 | Apache HTTP Server Buffer Overflow | MEDIUM | 5.0 | 10213d | Unpatched |
| CVE-1999-0071 | Apache httpd Cookie Buffer Overflow | HIGH | 7.5 | 10331d | Unpatched |
| CVE-1999-0070 | Apache HTTP Server Remote File Inclusion Vulnerability | MEDIUM | 5.0 | 10849d | Unpatched |
| CVE-2025-67898 | MJML Exploit | N/A | - | 0d | Unpatched |
| CVE-2025-66388 | Apache Airflow UI Secret Exposure | N/A | - | 0d | Unpatched |
| CVE-2025-67735 | Netty Smuggling Vulnerability | N/A | - | 0d | Unpatched |
| CVE-2025-46295 | Apache Commons Text Interpolation Vulnerability | N/A | - | 2d | Unpatched |
| CVE-2025-67895 | Airflow Edge3 RPC RCE | N/A | - | 1d | Unpatched |
| CVE-2025-68387 | Vega AST Evaluator XSS | N/A | - | 0d | Unpatched |