Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache portable runtime 1.7.0 vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2021-35940
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to t...
Apache Portable Runtime 1.7.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
NA
CVE-2022-24963
Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an malicious user to write beyond bounds of a buffer. This issue affects Apache Portable Runtime (APR) version 1.7.0.
Apache Portable Runtime 1.7.0
NA
CVE-2022-28331
On Windows, Apache Portable Runtime 1.7.0 and previous versions may write beyond the end of a stack based buffer in apr_socket_sendv(). This is a result of integer overflow.
Apache Portable Runtime
NA
CVE-2022-34169
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update t...
Apache Xalan-java
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Jre 17.0.3.1
Oracle Jre 18.0.1.1
Oracle Jre 11.0.15.1
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Oracle Jdk 17.0.3.1
Oracle Jdk 18.0.1.1
Oracle Jdk 11.0.15.1
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Graalvm 20.3.6
Oracle Graalvm 21.3.2
Oracle Graalvm 22.1.0
Oracle Openjdk 8
Oracle Openjdk 7
Oracle Openjdk 18
Oracle Openjdk
Fedoraproject Fedora 35
Fedoraproject Fedora 36
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started