Search for packages
Package details: pkg:deb/debian/apr-util@1.2.7%2Bdfsg-2
purl pkg:deb/debian/apr-util@1.2.7%2Bdfsg-2
Next non-vulnerable version 1.6.1-5+deb11u1
Latest non-vulnerable version 1.6.1-5+deb11u1
Risk 10.0
Vulnerabilities affecting this package (7)
Vulnerability Summary Fixed by
VCID-1sxy-v71c-aaah
Aliases:
CVE-2009-1956
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-5pbq-sddx-aaar
Aliases:
CVE-2017-12618
Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service.
1.6.1-4
Affected by 1 other vulnerability.
VCID-g44f-ek3a-aaak
Aliases:
CVE-2009-0023
The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, which triggers a heap-based buffer underflow.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-pchy-8zhu-aaap
Aliases:
CVE-2022-25147
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.
1.6.1-5+deb11u1
Affected by 0 other vulnerabilities.
VCID-rxf1-1k5a-aaam
Aliases:
CVE-2010-1623
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-tepv-qzma-aaab
Aliases:
CVE-2009-1955
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
VCID-us96-4dyu-aaad
Aliases:
CVE-2009-2412
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.
1.3.9+dfsg-5
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T19:14:11.818300+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:50:12.225725+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:31:46.655133+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T17:18:52.855556+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T17:15:35.428642+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T17:14:14.092397+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T14:50:15.193569+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:51:35.329998+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:54:55.417550+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:48:27.016134+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T07:38:17.316825+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap None 36.1.3
2025-06-21T00:13:59.859910+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah None 36.1.3
2025-06-21T00:06:49.263807+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab None 36.1.3
2025-06-20T23:57:53.174030+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad None 36.1.3
2025-06-20T22:57:36.558788+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak None 36.1.3
2025-06-20T22:38:47.243511+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam None 36.1.3
2025-06-20T20:36:08.626782+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar None 36.1.3
2025-06-08T12:48:16.136362+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:11:20.992353+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:43:00.030252+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:20:03.000871+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:02:13.896622+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T09:59:59.423502+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:57:01.455940+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:55:43.042229+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:43:36.296634+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:45:48.196537+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:49:56.568261+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:43:29.995458+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T01:18:13.110588+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap None 36.1.0
2025-06-07T17:36:51.649200+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah None 36.1.0
2025-06-07T17:29:35.441723+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab None 36.1.0
2025-06-07T17:20:46.846663+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad None 36.1.0
2025-06-07T16:20:52.192093+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak None 36.1.0
2025-06-07T16:02:45.007949+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam None 36.1.0
2025-06-07T14:08:39.917740+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar None 36.1.0
2025-04-12T20:44:25.624464+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:12:26.046066+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:35:11.716276+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:57:01.376538+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:27:49.739867+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:04:01.141506+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:45:09.043388+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T08:32:15.897133+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:29:13.895473+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:27:55.472144+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:16:06.601363+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:18:13.142270+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:21:42.371087+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T04:15:13.581792+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T23:50:49.849678+00:00 Debian Oval Importer Affected by VCID-pchy-8zhu-aaap None 36.0.0
2025-04-07T16:11:34.318352+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah None 36.0.0
2025-04-07T16:04:06.114345+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab None 36.0.0
2025-04-07T15:54:48.972225+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad None 36.0.0
2025-04-07T14:52:34.723262+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak None 36.0.0
2025-04-07T14:33:53.271312+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam None 36.0.0
2025-04-07T12:42:11.680325+00:00 Debian Oval Importer Affected by VCID-5pbq-sddx-aaar None 36.0.0
2024-11-27T16:28:50.129056+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T05:21:21.182747+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T04:43:06.206221+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-27T04:41:34.911165+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-26T23:45:22.777823+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-10-13T09:56:12.319363+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T02:13:07.944885+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T01:47:10.411510+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-13T01:46:05.939172+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-12T22:23:13.786787+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-09-20T22:18:24.243762+00:00 Debian Oval Importer Affected by VCID-rxf1-1k5a-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:27:12.482264+00:00 Debian Oval Importer Affected by VCID-us96-4dyu-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:17:44.748157+00:00 Debian Oval Importer Affected by VCID-1sxy-v71c-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T19:17:15.822114+00:00 Debian Oval Importer Affected by VCID-tepv-qzma-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-20T18:03:42.808289+00:00 Debian Oval Importer Affected by VCID-g44f-ek3a-aaak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1