Skip to main content

Portable Runtime

3 CVEs product

Monthly

CVE-2021-35940 HIGH PATCH This Week

An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Apache Information Disclosure Portable Runtime Http Server
NVD
CVSS 3.1
7.1
EPSS
1.2%
CVE-2017-12613 HIGH This Week

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Apache Information Disclosure Portable Runtime +10
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2012-0840 MEDIUM POC PATCH THREAT This Month

tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 37.2%.

Denial Of Service Apache Portable Runtime
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
37.2%
EPSS 1% CVSS 7.1
HIGH PATCH This Week

An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Apache Information Disclosure +2
NVD
EPSS 0% CVSS 7.1
HIGH This Week

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Apache +12
NVD
EPSS 37% CVSS 5.0
MEDIUM POC PATCH THREAT This Month

tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 37.2%.

Denial Of Service Apache Portable Runtime
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy