This post describes when and how we give credit to people who report security issues.| security.apache.org
This report explores the state of security across all of The Apache Software Foundation (ASF) projects for the calendar year 2022. We review key metrics, specific vulnerabilities, and the most common ways users of ASF projects were affected by security issues.| security.apache.org
We introduce a default severity rating system, based on the scales we've been using with some specific projects| security.apache.org