Search for packages
Package details: pkg:deb/debian/apr-util@1.2.7%2Bdfsg-2%2Betch3
purl pkg:deb/debian/apr-util@1.2.7%2Bdfsg-2%2Betch3
Next non-vulnerable version 1.6.1-5+deb11u1
Latest non-vulnerable version 1.6.1-5+deb11u1
Risk 10.0
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-1sxy-v71c-aaah
Aliases:
CVE-2009-1956
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-5pbq-sddx-aaar
Aliases:
CVE-2017-12618
Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service.
1.6.1-4
Affected by 1 other vulnerability.
VCID-g44f-ek3a-aaak
Aliases:
CVE-2009-0023
The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-pchy-8zhu-aaap
Aliases:
CVE-2022-25147
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.
1.6.1-5+deb11u1
Affected by 0 other vulnerabilities.
VCID-rxf1-1k5a-aaam
Aliases:
CVE-2010-1623
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-tepv-qzma-aaab
Aliases:
CVE-2009-1955
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-us96-4dyu-aaad
Aliases:
CVE-2009-2412
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T19:14:11.820297+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:50:12.228005+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:31:46.657517+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T17:18:52.857624+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T17:15:35.431417+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T17:14:14.095448+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T14:50:15.195538+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:51:35.332782+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:54:55.419624+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:48:27.018461+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T07:38:17.319178+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap None 36.1.3
2025-06-21T00:13:59.862056+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah None 36.1.3
2025-06-21T00:06:49.266057+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab None 36.1.3
2025-06-20T23:57:53.176469+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad None 36.1.3
2025-06-20T22:57:36.561078+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak None 36.1.3
2025-06-20T22:38:47.245619+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam None 36.1.3
2025-06-20T20:36:08.628524+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar None 36.1.3
2025-06-08T12:48:16.138232+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:11:20.994106+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:43:00.032776+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:20:03.002787+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:02:13.898273+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T09:59:59.425642+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:57:01.457628+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:55:43.043910+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:43:36.299157+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:45:48.198215+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:49:56.569929+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:43:29.997087+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T01:18:13.112535+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap None 36.1.0
2025-06-07T17:36:51.651432+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah None 36.1.0
2025-06-07T17:29:35.443818+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab None 36.1.0
2025-06-07T17:20:46.848384+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad None 36.1.0
2025-06-07T16:20:52.193982+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak None 36.1.0
2025-06-07T16:02:45.009616+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam None 36.1.0
2025-06-07T14:08:39.919396+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar None 36.1.0
2025-04-12T20:44:25.630448+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:12:26.050446+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:35:11.720181+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:57:01.380323+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:27:49.745103+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:04:01.146390+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:45:09.048387+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T08:32:15.902368+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:29:13.900447+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:27:55.476599+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:16:06.605758+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:18:13.146940+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:21:42.376052+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:15:13.586195+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T23:50:49.854848+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap None 36.0.0
2025-04-07T16:11:34.324375+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah None 36.0.0
2025-04-07T16:04:06.118954+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab None 36.0.0
2025-04-07T15:54:48.977255+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad None 36.0.0
2025-04-07T14:52:34.728561+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak None 36.0.0
2025-04-07T14:33:53.275760+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam None 36.0.0
2025-04-07T12:42:11.685055+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar None 36.0.0
2024-11-27T16:28:50.133354+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T05:21:21.187638+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T04:43:06.211342+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T04:41:34.916182+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-26T23:45:22.783074+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-13T09:56:12.323656+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T02:13:07.950037+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T01:47:10.416468+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T01:46:05.944687+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T22:23:13.791738+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-20T22:18:24.249164+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:27:12.487639+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:17:44.753710+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:17:15.827642+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T18:03:42.814494+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1