Apache Software Foundation Saw Assigned CVEs Up 24%, Security Issues Up 53% For 2020
The Apache Software Foundation that oversees 340+ Apache projects saw a measurable rise in security related issues during the course of 2020.
In publishing their 2020 security report, the Apache Software Foundation found that during the past calendar year the number of security email threads they were involved with was up 53% compared to 2019, the number of security vulnerabilities up 13% compared to the year prior, and the number of assigned CVEs was up 24%.
"Apache Software Foundation projects are highly diverse and independent. They have different languages, communities, management, and security models. However one of the things every project has in common is a consistent process for how reported security issues are handled. The ASF Security Committee works closely with the project teams, communities, and reporters to ensure that issues get handled quickly and correctly. This responsible oversight is a principle of The Apache Way and helps ensure Apache software is stable and can be trusted."
More details for those interested can be found on the Apache.org blog.
In publishing their 2020 security report, the Apache Software Foundation found that during the past calendar year the number of security email threads they were involved with was up 53% compared to 2019, the number of security vulnerabilities up 13% compared to the year prior, and the number of assigned CVEs was up 24%.
"Apache Software Foundation projects are highly diverse and independent. They have different languages, communities, management, and security models. However one of the things every project has in common is a consistent process for how reported security issues are handled. The ASF Security Committee works closely with the project teams, communities, and reporters to ensure that issues get handled quickly and correctly. This responsible oversight is a principle of The Apache Way and helps ensure Apache software is stable and can be trusted."
More details for those interested can be found on the Apache.org blog.
5 Comments