Debian Bug report logs -
#879996
apr-util: CVE-2017-12618
Package:
src:apr-util;
Maintainer for src:apr-util is Debian Apache Maintainers <debian-apache@listsdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Tue, 24 Oct 2017 20:33:02 UTC
Severity: important
Tags: security, upstream
Found in versio ...
Debian Bug report logs -
#992789
apr: CVE-2021-35940
Package:
src:apr;
Maintainer for src:apr is Debian Apache Maintainers <debian-apache@listsdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 23 Aug 2021 13:48:02 UTC
Severity: important
Tags: patch, pending, security, upstream
Found in ...
Debian Bug report logs -
#879708
apr: CVE-2017-12613
Package:
src:apr;
Maintainer for src:apr is Debian Apache Maintainers <debian-apache@listsdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Tue, 24 Oct 2017 20:33:02 UTC
Severity: important
Tags: security, upstream
Found in versions apr/162-1, ...
Synopsis
Important: apr security update
Type/Severity
Security Advisory: Important
Topic
An update for apr is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sy ...
Synopsis
Important: httpd24-apr security update
Type/Severity
Security Advisory: Important
Topic
An update for httpd24-apr is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...
Synopsis
Important: apr security update
Type/Severity
Security Advisory: Important
Topic
An update for apr is now available for Red Hat Enterprise Linux 64 Advanced Update Support, Red Hat Enterprise Linux 65 Advanced Update Support, Red Hat Enterprise Linux 66 Advanced Update Support, Red Hat Enterprise ...
Synopsis
Important: Red Hat JBoss Web Server 310 Service Pack 2 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Web Server 31 for RHEL 6 and Red Hat JBoss Web Server 31 for RHEL 7Red Hat Product Security has rated this update as having a sec ...
Synopsis
Important: Red Hat JBoss Web Server 310 Service Pack 2 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Web Server 31Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2423 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for JBoss Core Services on RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabi ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2423 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Core ServicesRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2423 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for JBoss Core Services on RHEL 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabi ...
An out-of-bounds array dereference was found in apr_time_exp_get() An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak(CVE-2017-12613) ...
An out-of-bounds array dereference was found in apr_time_exp_get() An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak ...
When apr_exp_time*() or apr_os_exp_time*() functions are invoked with an invalid month field value in APR 162 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information ...