Search for packages
Package details: pkg:deb/debian/apr-util@1.2.12%2Bdfsg-8%2Blenny5
purl pkg:deb/debian/apr-util@1.2.12%2Bdfsg-8%2Blenny5
Next non-vulnerable version 1.6.1-5+deb11u1
Latest non-vulnerable version 1.6.1-5+deb11u1
Risk 10.0
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-1sxy-v71c-aaah
Aliases:
CVE-2009-1956
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-5pbq-sddx-aaar
Aliases:
CVE-2017-12618
Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service.
1.6.1-4
Affected by 1 other vulnerability.
VCID-g44f-ek3a-aaak
Aliases:
CVE-2009-0023
The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-pchy-8zhu-aaap
Aliases:
CVE-2022-25147
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.
1.6.1-5+deb11u1
Affected by 0 other vulnerabilities.
VCID-rxf1-1k5a-aaam
Aliases:
CVE-2010-1623
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-tepv-qzma-aaab
Aliases:
CVE-2009-1955
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-us96-4dyu-aaad
Aliases:
CVE-2009-2412
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T19:14:11.822175+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:50:12.230152+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:31:46.659770+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T17:18:52.859527+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T17:15:35.433879+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T17:14:14.097798+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T14:50:15.197421+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:51:35.335455+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:54:55.421489+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:48:27.020723+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T07:38:17.321348+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap None 36.1.3
2025-06-21T00:13:59.863915+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah None 36.1.3
2025-06-21T00:06:49.268196+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab None 36.1.3
2025-06-20T23:57:53.178791+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad None 36.1.3
2025-06-20T22:57:36.563206+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak None 36.1.3
2025-06-20T22:38:47.247587+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam None 36.1.3
2025-06-20T20:36:08.630175+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar None 36.1.3
2025-06-08T12:48:16.140045+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:11:20.995690+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:43:00.034408+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:20:03.004694+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:02:13.899792+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T09:59:59.427218+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:57:01.459211+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:55:43.046383+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:43:36.300981+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:45:48.199738+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:49:56.571441+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:43:29.998612+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T01:18:13.114414+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap None 36.1.0
2025-06-07T17:36:51.653126+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah None 36.1.0
2025-06-07T17:29:35.445846+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab None 36.1.0
2025-06-07T17:20:46.849950+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad None 36.1.0
2025-06-07T16:20:52.195592+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak None 36.1.0
2025-06-07T16:02:45.011142+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam None 36.1.0
2025-06-07T14:08:39.920915+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar None 36.1.0
2025-04-12T20:44:25.635385+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:12:26.055307+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:35:11.724126+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:57:01.384354+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:27:49.750075+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:04:01.151301+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:45:09.053342+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T08:32:15.907282+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:29:13.905627+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:27:55.481447+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:16:06.610417+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:18:13.151589+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:21:42.380878+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:15:13.591175+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T23:50:49.860754+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap None 36.0.0
2025-04-07T16:11:34.330405+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah None 36.0.0
2025-04-07T16:04:06.123421+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab None 36.0.0
2025-04-07T15:54:48.982154+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad None 36.0.0
2025-04-07T14:52:34.733734+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak None 36.0.0
2025-04-07T14:33:53.280456+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam None 36.0.0
2025-04-07T12:42:11.690849+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar None 36.0.0
2024-11-27T16:28:50.137891+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T05:21:21.192708+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T04:43:06.216409+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T04:41:34.920894+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-26T23:45:22.788434+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-13T09:56:12.327920+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T02:13:07.955009+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T01:47:10.421312+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T01:46:05.949627+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T22:23:13.796804+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-20T22:18:24.254474+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:27:12.493109+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:17:44.758904+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:17:15.832811+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T18:03:42.820674+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1