Search for packages
| purl | pkg:alpm/archlinux/apr@1.7.0-3 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-g46y-xct8-aaaa
Aliases: CVE-2021-35940 |
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:43:56.357779+00:00 | Arch Linux Importer | Affected by | VCID-g46y-xct8-aaaa | https://security.archlinux.org/AVG-2313 | 36.0.0 |
| 2024-09-18T01:59:04.890452+00:00 | Arch Linux Importer | Affected by | VCID-g46y-xct8-aaaa | https://security.archlinux.org/AVG-2313 | 34.0.1 |
| 2024-01-03T22:25:23.232688+00:00 | Arch Linux Importer | Affected by | VCID-g46y-xct8-aaaa | https://security.archlinux.org/AVG-2313 | 34.0.0rc1 |