Lucene search
K
ApacheApr-util

6 matches found

CVE
CVE
added 2009/06/06 6:0 p.m.370 views

CVE-2009-1955

CVE-2009-1955 affects the Expact XML parser used by the apr_xml_* interface in xml/apr_xml.c of APR-util, with the vulnerability present in APR-util prior to 1.3.7. In Apache HTTP Server deployments that enable mod_dav and mod_dav_svn, a crafted XML document containing a large number of nested en...

7.5CVSS6.9AI score0.52988EPSS
CVE
CVE
added 2010/10/04 8:0 p.m.206 views

CVE-2010-1623

The CVE-2010-1623 issue affects the APR-util library (apr_brigade_split_line in buckets/apr_brigade.c) prior to version 1.3.10, where a memory leak can allow remote attackers to cause denial of service through memory consumption related to APR bucket destruction. Affected products commonly includ...

5CVSS6.3AI score0.20167EPSS
CVE
CVE
added 2009/08/06 3:0 p.m.190 views

CVE-2009-2412

CVE-2009-2412 – summary: Multiple integer overflows in Apache APR (memory/unix/apr_pools.c) and APR-util (misc/apr_rmm.c) for APR 0.9.x/1.3.x allow remote attackers to trigger buffer overflows, causing application crash or, potentially, arbitrary code execution. Likely vectors involve crafted cal...

10CVSS8.1AI score0.13781EPSS
CVE
CVE
added 2009/06/06 6:0 p.m.157 views

CVE-2009-1956

CVE-2009-1956: Off-by-one error in apr_brigade_vprintf in Apache APR-util before 1.3.5 on big-endian platforms. Remote attackers could obtain sensitive information or cause a denial of service (application crash) via crafted input. Affected product: APR-util (pre-1.3.5) used with APR/httpd; impac...

6.4CVSS7.4AI score0.12042EPSS
CVE
CVE
added 2009/06/06 6:0 p.m.147 views

CVE-2009-0023

CVE-2009-0023 affects Apache APR-util prior to 1.3.5. The vulnerability in apr_strmatch_precompile (strmatch/apr_strmatch.c) can be exploited by crafted input via that library’s usage contexts (e.g., .htaccess with Apache HTTP Server, SVNMasterURI in mod_dav_svn, mod_apreq2, or applications using...

4.3CVSS7.5AI score0.0853EPSS
CVE
CVE
added 2011/05/24 11:0 p.m.119 views

CVE-2011-1928

The CVE-2011-1928 issue affects the APR library’s fnmatch implementation (apr_fnmatch.c) in APR 1.4.3/1.4.4 and Apache HTTP Server 2.2.18, causing an infinite-loop DoS when processing certain URIs due to an incorrect fix for CVE-2011-0419. Connected advisories note the problem is triggered by wil...

4.3CVSS6.7AI score0.10322EPSS