Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-29bh-jatc-73ad

Summary

Memory consumption errors in Apache Portable Runtime and APR
    Utility Library could result in Denial of Service.

Aliases

alias	CVE-2012-0840

Fixed_packages

url	pkg:deb/debian/apr@1.4.6-1?distro=trixie
purl	pkg:deb/debian/apr@1.4.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.4.6-1%3Fdistro=trixie

url pkg:deb/debian/apr@1.4.6-3%2Bdeb7u1

purl pkg:deb/debian/apr@1.4.6-3%2Bdeb7u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3qre-qddd-eqgk

vulnerability	VCID-jdxe-krj9-8kax

vulnerability	VCID-xz52-5z1u-cuf9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.4.6-3%252Bdeb7u1

url pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

purl pkg:deb/debian/apr@1.7.0-6%2Bdeb11u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-g38k-gh86-pkcn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.0-6%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/apr@1.7.2-3%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.2-3%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.5-1?distro=trixie
purl	pkg:deb/debian/apr@1.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/apr@1.7.6-3?distro=trixie
purl	pkg:deb/debian/apr@1.7.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.7.6-3%3Fdistro=trixie

url	pkg:ebuild/dev-libs/apr@1.4.8-r1
purl	pkg:ebuild/dev-libs/apr@1.4.8-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/apr@1.4.8-r1

url	pkg:ebuild/dev-libs/apr-util@1.3.10
purl	pkg:ebuild/dev-libs/apr-util@1.3.10
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/apr-util@1.3.10

url	pkg:ebuild/dev-libs/apr-util@1.4.8-r1
purl	pkg:ebuild/dev-libs/apr-util@1.4.8-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/apr-util@1.4.8-r1

Affected_packages

url pkg:deb/debian/apr@1.2.7-8.2

purl pkg:deb/debian/apr@1.2.7-8.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29bh-jatc-73ad

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3qre-qddd-eqgk

vulnerability	VCID-jdxe-krj9-8kax

vulnerability	VCID-qebd-7szr-y7cx

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-xz52-5z1u-cuf9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.2.7-8.2

url pkg:deb/debian/apr@1.2.7-9

purl pkg:deb/debian/apr@1.2.7-9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29bh-jatc-73ad

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3qre-qddd-eqgk

vulnerability	VCID-jdxe-krj9-8kax

vulnerability	VCID-qebd-7szr-y7cx

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-xz52-5z1u-cuf9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.2.7-9

url pkg:deb/debian/apr@1.2.12-5%2Blenny5

purl pkg:deb/debian/apr@1.2.12-5%2Blenny5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29bh-jatc-73ad

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3qre-qddd-eqgk

vulnerability	VCID-jdxe-krj9-8kax

vulnerability	VCID-qebd-7szr-y7cx

vulnerability	VCID-umuk-3n1q-3qet

vulnerability	VCID-xz52-5z1u-cuf9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.2.12-5%252Blenny5

url pkg:deb/debian/apr@1.4.2-6%2Bsqueeze4

purl pkg:deb/debian/apr@1.4.2-6%2Bsqueeze4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-29bh-jatc-73ad

vulnerability	VCID-3cea-3rkm-r7gs

vulnerability	VCID-3qre-qddd-eqgk

vulnerability	VCID-jdxe-krj9-8kax

vulnerability	VCID-qebd-7szr-y7cx

vulnerability	VCID-xz52-5z1u-cuf9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/apr@1.4.2-6%252Bsqueeze4

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0840.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0840.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0840

reference_id

reference_type

scores

value	0.37182
scoring_system	epss
scoring_elements	0.97137
published_at	2026-04-01T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.97143
published_at	2026-04-02T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.97149
published_at	2026-04-04T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.9715
published_at	2026-04-07T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.9716
published_at	2026-04-09T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.97164
published_at	2026-04-11T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.97165
published_at	2026-04-13T12:55:00Z

value	0.37182
scoring_system	epss
scoring_elements	0.97173
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0840

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0840

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655435
reference_id	655435
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655435

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=781606
reference_id	781606
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=781606

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/36669.txt
reference_id	CVE-2012-0840;OSVDB-78932
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/36669.txt

reference_url	https://www.securityfocus.com/bid/51917/info
reference_id	CVE-2012-0840;OSVDB-78932
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/51917/info

reference_url	https://security.gentoo.org/glsa/201405-24
reference_id	GLSA-201405-24
reference_type
scores
url	https://security.gentoo.org/glsa/201405-24

Weaknesses

Exploits

date_added	2012-01-05
description	Apache APR - Hash Collision Denial of Service
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2012-01-05
exploit_type	dos
platform	linux
source_date_updated	2015-04-09
data_source	Exploit-DB
source_url	https://www.securityfocus.com/bid/51917/info

Severity_range_score null

Exploitability 2.0

Weighted_severity 0.3

Risk_score 0.6

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29bh-jatc-73ad

Vulnerability Instance