VulnerableCode Package Details - pkg:deb/debian/apr-util@1.5.4-3

Search for packages

Vulnerability	Summary	Fixed by
VCID-5pbq-sddx-aaar Aliases: CVE-2017-12618	Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service.	1.6.1-4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-pchy-8zhu-aaap Aliases: CVE-2022-25147	Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.	1.6.1-5+deb11u1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-5pbq-sddx-aaar
Aliases:
CVE-2017-12618

Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service.

1.6.1-4
Affected by 1 other vulnerability.

VCID-pchy-8zhu-aaap
Aliases:
CVE-2022-25147

Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.

1.6.1-5+deb11u1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T18:31:46.668316+00:00	Debian Oval Importer	Affected by	VCID-5pbq-sddx-aaar	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.3
2025-06-21T14:50:15.205630+00:00	Debian Oval Importer	Affected by	VCID-5pbq-sddx-aaar	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T12:48:27.029487+00:00	Debian Oval Importer	Affected by	VCID-pchy-8zhu-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.3
2025-06-21T07:38:17.330677+00:00	Debian Oval Importer	Affected by	VCID-pchy-8zhu-aaap	None	36.1.3
2025-06-21T00:53:26.686942+00:00	Debian Importer	Affected by	VCID-5pbq-sddx-aaar	None	36.1.3
2025-06-20T20:36:08.636559+00:00	Debian Oval Importer	Affected by	VCID-5pbq-sddx-aaar	None	36.1.3
2025-06-08T12:48:16.147270+00:00	Debian Oval Importer	Affected by	VCID-pchy-8zhu-aaap	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T11:02:13.905864+00:00	Debian Oval Importer	Affected by	VCID-5pbq-sddx-aaar	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.1.0
2025-06-08T07:43:36.307124+00:00	Debian Oval Importer	Affected by	VCID-5pbq-sddx-aaar	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-08T05:43:30.006086+00:00	Debian Oval Importer	Affected by	VCID-pchy-8zhu-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.1.0
2025-06-08T01:18:13.122350+00:00	Debian Oval Importer	Affected by	VCID-pchy-8zhu-aaap	None	36.1.0
2025-06-07T14:08:39.927104+00:00	Debian Oval Importer	Affected by	VCID-5pbq-sddx-aaar	None	36.1.0
2025-04-12T18:35:11.742018+00:00	Debian Oval Importer	Affected by	VCID-pchy-8zhu-aaap	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-12T16:45:09.072840+00:00	Debian Oval Importer	Affected by	VCID-5pbq-sddx-aaar	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	36.0.0
2025-04-08T06:16:06.630240+00:00	Debian Oval Importer	Affected by	VCID-5pbq-sddx-aaar	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-08T04:15:13.610627+00:00	Debian Oval Importer	Affected by	VCID-pchy-8zhu-aaap	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	36.0.0
2025-04-07T23:50:49.883840+00:00	Debian Oval Importer	Affected by	VCID-pchy-8zhu-aaap	None	36.0.0
2025-04-07T12:42:11.718898+00:00	Debian Oval Importer	Affected by	VCID-5pbq-sddx-aaar	None	36.0.0
2025-04-04T03:36:25.011103+00:00	Debian Importer	Affected by	VCID-5pbq-sddx-aaar	None	36.0.0
2025-02-18T20:06:18.927061+00:00	Debian Importer	Affected by	VCID-5pbq-sddx-aaar	None	35.1.0
2024-04-24T10:50:50.043226+00:00	Debian Importer	Affected by	VCID-5pbq-sddx-aaar	None	34.0.0rc4
2024-01-10T12:42:20.013991+00:00	Debian Importer	Affected by	VCID-5pbq-sddx-aaar	None	34.0.0rc2
2024-01-04T04:19:49.683835+00:00	Debian Importer	Affected by	VCID-5pbq-sddx-aaar	None	34.0.0rc1

2025-06-21T18:31:46.668316+00:00

Debian Oval Importer

Affected by

Next non-vulnerable version	1.6.1-5+deb11u1
Latest non-vulnerable version	1.6.1-5+deb11u1
Risk	3.1