Title: ASF Project Security Information
Notice:    Licensed to the Apache Software Foundation (ASF) under one
           or more contributor license agreements.  See the NOTICE file
           distributed with this work for additional information
           regarding copyright ownership.  The ASF licenses this file
           to you under the Apache License, Version 2.0 (the
           "License"); you may not use this file except in compliance
           with the License.  You may obtain a copy of the License at
           .
             http://www.apache.org/licenses/LICENSE-2.0
           .
           Unless required by applicable law or agreed to in writing,
           software distributed under the License is distributed on an
           "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
           KIND, either express or implied.  See the License for the
           specific language governing permissions and limitations
           under the License.

# ASF Project Security Information #

Pages maintained by ASF projects to provide information on known security
vulnerabilities are listed below. The security contact for reporting new
vulnerabilities is also shown. Note that whilst all projects have a
security team, not all project security teams have a dedicated address for
reporting new vulnerabilities.

To report a vulnerability in an Apache project that is not listed below,
please contact the [Apache Security Team](mailto:security@apache.org).

| Apache project security page | Security Contact |
|-----------------------|------------------|
|  [Apache Portable Runtime (APR)](https://apr.apache.org/security_report.html)  |  [Apache Security Team](mailto:security@apache.org)  |
|  [Apache Ant](https://ant.apache.org/security.html)  |  [Apache Security Team](mailto:security@apache.org)  |
|  [Apache Camel](https://camel.apache.org/security/) |  [Apache Security Team](mailto:security@apache.org)  |
|  [Apache CloudStack](https://cloudstack.apache.org/security.html)  |  [Apache Security Team](mailto:security@apache.org)  |
|  [Apache Commons](https://commons.apache.org/security.html) |  [Apache Security Team](mailto:security@apache.org)  |
|  Apache CouchDB |  [Apache CouchDB Security Team](mailto:security@couchdb.apache.org)  |
|  [Apache Fineract](https://cwiki.apache.org/confluence/display/FINERACT/Apache+Fineract+Security+Report)  |  [Apache Fineract Security Team](mailto:security@fineract.apache.org)  |
|  [Apache Geronimo](https://geronimo.apache.org/security-reports.html)  |  [Apache Geronimo Security Team](mailto:security@geronimo.apache.org)  |
|  [Apache Guacamole](https://guacamole.apache.org/security/) | [Apache Guacamole Security Team](mailto:security@guacamole.apache.org) |
|  [Apache Hadoop](https://hadoop.apache.org/mailing_lists.html) | [Apache Hadoop Security Team](mailto:security@hadoop.apache.org) |
|  [Apache Hive](https://hive.apache.org/mailing_lists.html) | [Apache Hive Security Team](mailto:security@hive.apache.org) |
|  [Apache HTTP Server](https://httpd.apache.org/security_report.html)  |  [Apache HTTP Server Security Team](mailto:security@httpd.apache.org)  |
|  Apache Ignite | [Apache Ignite Security Team](mailto:security@ignite.apache.org) |
|  Apache Jackrabbit | [Apache Jackrabbit Security Team](mailto:security@jackrabbit.apache.org) |
|  [Apache Kafka](https://kafka.apache.org/project-security.html)  |  [Apache Kafka Security Team](mailto:security@kafka.apache.org)  |
|  [Apache Libcloud](https://libcloud.apache.org/security.html) | [Apache Libcloud Security Team](mailto:security@libcloud.apache.org) |
|  Apache Lucene | [Apache Lucene Security Team](mailto:security@lucene.apache.org) |
|  Apache Metron | [Apache Metron Security Team](mailto:security@metron.apache.org) |
|  [Apache NiFi](https://nifi.apache.org/security.html)  |  [Apache NiFi Security Team](mailto:security@nifi.apache.org)  |
|  [Apache OFBiz](https://ofbiz.apache.org/download.html#security)  |  [Apache OFBiz Security Team](mailto:security@ofbiz.apache.org)  |
|  [Apache OpenMeetings](https://openmeetings.apache.org/security.html) | [Apache OpenMeetings Security Team](mailto:security@openmeetings.apache.org) |
|  [Apache OpenOffice](https://openoffice.apache.org/security)  |  [Apache OpenOffice Security Team](mailto:security@openoffice.apache.org)  |
|  [Apache ORC](https://orc.apache.org/security/) | [Apache ORC Security Team](mailto:security@orc.apache.org) |
|  [Apache Santuario](https://santuario.apache.org/secadv.html) | [Apache Security Team](mailto:security@apache.org) |
|  [Apache Sentry](https://cwiki.apache.org/confluence/display/SENTRY/Vulnerabilities+found+in+Apache+Sentry) | [Apache Sentry Security Team](mailto:security@sentry.apache.org) |
|  [Apache Shiro](https://shiro.apache.org/security-reports.html)  |  [Apache Shiro Security Team](mailto:security@shiro.apache.org)  |
|  [Apache SINGA](https://singa.apache.org/security.html) | [Apache SINGA Security Team](mailto:security@singa.apache.org) |
|  [Apache Sling](https://sling.apache.org/site/security.html)  |  [Apache Sling Security Team](mailto:security@sling.apache.org)  |
|  [Apache Solr](https://cwiki.apache.org/confluence/display/SOLR/SolrSecurity) | [Apache Solr Security Team](mailto:security@solr.apache.org) |
|  [Apache SpamAssassin](https://cwiki.apache.org/confluence/display/spamassassin) | [Apache SpamAssassin Security Team](mailto:security@spamassassin.apache.org) |
|  [Apache Spark](https://spark.apache.org/security.html)   |  [Apache Spark Security Team](mailto:security@spark.apache.org)  |
|  [Apache Struts](https://struts.apache.org/security.html)  |  [Apache Struts Security Team](mailto:security@struts.apache.org)  |
|  [Apache Subversion](https://subversion.apache.org/security/) | [Apache Subversion Security Team](mailto:security@subversion.apache.org)  |
|  [Apache Tomcat](https://tomcat.apache.org/security.html)  |  [Apache Tomcat Security Team](mailto:security@tomcat.apache.org)  |
|  [Apache Traffic Control](https://trafficcontrol.apache.org/security/index.html) | [Apache Traffic Control Security Team](mailto:security@trafficcontrol.apache.org) |
|  Apache Traffic Server | [Apache Traffic Server Security Team](mailto:security@trafficserver.apache.org) |
|  Apache Trafodion | [Apache Trafodion Security Team](mailto:security@trafodion.apache.org) |
|  [Apache XML Graphics](https://xmlgraphics.apache.org/security.html) | [Apache Security Team](mailto:security@apache.org) |
|  Apache Zeppelin | [Apache Zeppelin Security Team](mailto:security@zeppelin.apache.org) |
|  [Apache ZooKeeper](https://zookeeper.apache.org/security.html) | [Apache ZooKeeper Security Team](mailto:security@zookeeper.apache.org) |