Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:ebuild/dev-libs/apr-util@1.3.7
purl pkg:ebuild/dev-libs/apr-util@1.3.7
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (3)
Vulnerability Summary Aliases
VCID-3kyb-4yvt-f7e1 A denial of service flaw was found in the bundled copy of the APR-util library Extensible Markup Language (XML) parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine. CVE-2009-1955
VCID-7ftk-sajb-akh4 A heap-based underwrite flaw was found in the way the bundled copy of the APR-util library created compiled forms of particular search patterns. An attacker could formulate a specially-crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine. CVE-2009-0023
VCID-pj4f-awuq-73g6 An off-by-one overflow flaw was found in the way the bundled copy of the APR-util library processed a variable list of arguments. An attacker could provide a specially-crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service. CVE-2009-1956

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T13:11:34.107624+00:00 Gentoo Importer Fixing VCID-pj4f-awuq-73g6 https://security.gentoo.org/glsa/200907-03 38.0.0
2026-04-01T13:11:34.096391+00:00 Gentoo Importer Fixing VCID-3kyb-4yvt-f7e1 https://security.gentoo.org/glsa/200907-03 38.0.0
2026-04-01T13:11:34.087080+00:00 Gentoo Importer Fixing VCID-7ftk-sajb-akh4 https://security.gentoo.org/glsa/200907-03 38.0.0