;; ;; Licensed to the Apache Software Foundation (ASF) under one ;; or more contributor license agreements. See the NOTICE file ;; distributed with this work for additional information ;; regarding copyright ownership. The ASF licenses this file ;; to you under the Apache License, Version 2.0 (the ;; “License”); you may not use this file except in compliance ;; with the License. You may obtain a copy of the License at ;; ;; http://www.apache.org/licenses/LICENSE-2.0 ;; ;; Unless required by applicable law or agreed to in writing, ;; software distributed under the License is distributed on an ;; “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY ;; KIND, either express or implied. See the License for the ;; specific language governing permissions and limitations ;; under the License. ;;
| CVE-ID | Severity | Affected versions | Fixed versions | Summary |
|---|---|---|---|---|
| CVE-2016-3094 | Important | 6.0.0, 6.0.1, and 6.0.2 | 6.0.3 | Denial of service |
| CVE-2016-4432 | Important | 6.0.2 and earlier | 6.0.3 | Authentication bypass |
| CVE-2016-8741 | Moderate | 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, and 6.1.0 | 6.0.6, 6.1.1 | Information leakage |
| CVE-2017-15701 | Important | 6.1.0, 6.1.1, 6.1.2, 6.1.3, and 6.1.4 | 6.1.5 | Denial of Service |
| CVE-2017-15702 | Important | 0.18, 0.20, 0.22, 0.24, 0.26, 0.28, 0.30, and 0.32 | 6.0.0 | Authentication vulnerability |
| CVE-2018-1298 | Important | 7.0.0 | 7.0.1 | Denial of Service |
| CVE-2018-8030 | Important | 7.0.0, 7.0.1, 7.0.2, 7.0.3 and 7.0.4 | 7.0.5 | Denial of Service |
| CVE-2019-0200 | Important | 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.1.0, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 6.1.7, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6 and 7.1.0 | 7.0.7, 7.1.1 | Denial of Service |
See the main security page for general information and details for other components.