{ "schema_version": "1.4.0", "id": "GHSA-x7rw-r7fp-j64f", "modified": "2025-04-11T03:55:18Z", "published": "2022-05-17T00:18:18Z", "aliases": [ "CVE-2012-0840" ], "details": "tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0840" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73096" }, { "type": "WEB", "url": "http://mail-archives.apache.org/mod_mbox/apr-commits/201201.mbox/%3C20120115003715.071D423888FD%40eris.apache.org%3E" }, { "type": "WEB", "url": "http://mail-archives.apache.org/mod_mbox/apr-commits/201201.mbox/%3C20120115003715.071D423888FD@eris.apache.org%3E" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2012/02/08/3" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2012/02/09/1" }, { "type": "WEB", "url": "http://secunia.com/advisories/47862" }, { "type": "WEB", "url": "http://svn.apache.org/viewvc?rev=1231605&view=rev" }, { "type": "WEB", "url": "http://www.mail-archive.com/dev%40apr.apache.org/msg24439.html" }, { "type": "WEB", "url": "http://www.mail-archive.com/dev%40apr.apache.org/msg24472.html" }, { "type": "WEB", "url": "http://www.mail-archive.com/dev%40apr.apache.org/msg24473.html" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:019" } ], "database_specific": { "cwe_ids": [ "CWE-20" ], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2012-02-10T19:55:00Z" } }