Unity Linux 20.1060e / 20.1070e Security Update: apr (UTSA-2026-016610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016610 advisory. When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be...

MiracleLinux 7 : apr-1.4.8-3.el7.1 (AXSA:2017-2425:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2425:01 advisory. An out-of-bounds array dereference was found in aprtimeexpget. An attacker could abuse an unvalidated usage of this function to cause a denial of service or...

MiracleLinux 4 : httpd24-apr-1.5.1-1.AXS4.1 (AXSA:2018-2580:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2580:01 advisory. An out-of-bounds array dereference was found in aprtimeexpget. An attacker could abuse an unvalidated usage of this function to cause a denial of service or...

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.

...

K52319810: Apache Portable Runtime vulnerability CVE-2017-12613

Security Advisory Description When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an aprtimeexpt value, potentially revealing the contents of a...

SUSE CVE-2017-12613

When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an aprtimeexpt value, potentially revealing the contents of a different static heap value or...

Out-of-Bounds Read

libapr-1.so is vulnerable to out-of-bounds read. A malicious user can pass a invalid month value to the aprtimeexp or the aprosexptime functions to cause an out-of-bounds read that can lead to sensitive information being disclosed or the application crashing...

DEBIAN-CVE-2017-12613

When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an aprtimeexpt value, potentially revealing the contents of a different static heap value or...

UBUNTU-CVE-2017-12613

When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an aprtimeexpt value, potentially revealing the contents of a different static heap value or...

PT-2017-4213 · Apache +4 · Apache Portable Runtime +4

Name of the Vulnerable Software and Affected Versions: Apache Portable Runtime APR versions 1.6.2 and prior Description: The issue is related to the apr time exp and apr os exp time functions in the Apache Portable Runtime APR. When these functions are invoked with an invalid month field value, o...