Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2009-1955
HistoryJun 06, 2009 - 6:00 p.m.

CVE-2009-1955

2009-06-0618:00:00
mitre
raw.githubusercontent.com
2

6.9 Medium

AI Score

Confidence

High

0.221 Low

EPSS

Percentile

96.5%

JSON

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564.

Related

prion 29
debiancve 12
ubuntucve 14
openvas 50
nessus 33
cve 7
cvelist 29
seebug 1
httpd 1
github 2
freebsd 2
redhat 3
osv 3
veracode 1
redhatcve 1
centos 2
slackware 1
fedora 3
gentoo 1
securityvulns 2
oraclelinux 2
prion
prion
Design/Logic Flaw
2009-06-08 01:00:00
Design/Logic Flaw
2014-02-26 14:55:00
Code injection
2014-09-23 20:55:00
debiancve
debiancve
CVE-2009-1955
2009-06-08 01:00:00
CVE-2011-1756
2011-06-21 02:52:43
CVE-2011-2188
2011-06-21 02:52:43
ubuntucve
ubuntucve
CVE-2009-1955
2009-06-08 00:00:00
CVE-2003-1564
2003-12-31 00:00:00
CVE-2011-1755
2011-06-21 00:00:00
openvas
openvas
FreeBSD Ports: apr
2009-06-09 00:00:00
Mandrake Security Advisory MDVSA-2009:131-1 (apr-util)
2009-06-09 00:00:00
Mandrake Security Advisory MDVSA-2009:131 (apr-util)
2009-06-09 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : apr-util (MDVSA-2009:131)
2009-06-08 00:00:00
Mandriva Linux Security Advisory : apr (MDVSA-2009:314)
2009-12-04 00:00:00
EulerOS 2.0 SP2 : qt (EulerOS-SA-2020-1669)
2020-06-17 00:00:00
cve
cve
CVE-2003-1564
2003-12-31 05:00:00
CVE-2009-1955
2009-06-08 01:00:00
CVE-2020-15303
2021-06-28 13:15:00
cvelist
cvelist
CVE-2003-1564
2008-09-02 14:00:00
CVE-2011-1757
2022-10-03 16:15:11
CVE-2014-5265
2014-08-18 10:00:00
seebug
seebug
Apache APR-util xml/apr_xml.cζ–‡δ»Άζ‹’η»ζœεŠ‘ζΌζ΄ž
2009-06-11 00:00:00
httpd
httpd
Apache Httpd < 2.2.12 : APR-util XML DoS
2009-06-06 00:00:00
github
github
SnakeYAML Entity Expansion during load operation
2021-06-04 21:37:45
JBossWS vulnerable to uncontrolled recursion
2022-05-13 01:39:29
freebsd
freebsd
ejabberd -- remote denial of service vulnerability
2011-04-27 00:00:00
apr -- multiple vulnerabilities
2009-06-05 00:00:00
redhat
redhat
(RHSA-2008:0886) Important: libxml2 security update
2008-09-11 00:00:00
(RHSA-2009:1108) Moderate: httpd security update
2009-06-16 00:00:00
(RHSA-2009:1107) Moderate: apr-util security update
2009-06-16 00:00:00
osv
osv
JBossWS vulnerable to uncontrolled recursion
2022-05-13 01:39:29
CVE-2017-18640
2019-12-12 03:15:10
SnakeYAML Entity Expansion during load operation
2021-06-04 21:37:45
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:53:01
redhatcve
redhatcve
CVE-2017-18640
2020-04-08 21:02:33
centos
centos
libxml2 security update
2008-09-12 01:23:56
apr security update
2009-06-19 09:53:07
slackware
slackware
apr-util
2009-06-16 17:40:37
fedora
fedora
[SECURITY] Fedora 9 Update: apr-util-1.2.12-7.fc9
2009-06-24 19:32:52
[SECURITY] Fedora 10 Update: apr-util-1.3.7-1.fc10
2009-06-24 19:40:30
[SECURITY] Fedora 11 Update: apr-util-1.3.7-1.fc11
2009-06-24 19:36:44
gentoo
gentoo
APR Utility Library: Multiple vulnerabilities
2009-07-04 00:00:00
securityvulns
securityvulns
[ MDVSA-2009:221 ] libneon0.27
2009-08-25 00:00:00
Apache apr-util webDav DoS
2009-06-05 00:00:00
oraclelinux
oraclelinux
httpd security update
2009-06-17 00:00:00
apr-util security update
2009-06-16 00:00:00

6.9 Medium

AI Score

Confidence

High

0.221 Low

EPSS

Percentile

96.5%

JSON
Related for CVELIST:CVE-2009-1955
prion29debiancve12ubuntucve14openvas50nessus33cve7cvelist29seebug1httpd1github2freebsd2redhat3osv3veracode1redhatcve1centos2slackware1fedora3gentoo1securityvulns2oraclelinux2