The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.
cpe:2.3:a:apache:portable_runtime:*:*:*:*:*:*:*:* versions up to 1.4.5 (inclusive)
|74066||GLSA-201405-24 : Apache Portable Runtime, APR Utility Library: Denial of Service||Nessus||Gentoo Local Security Checks|
|58188||Fedora 16 : apr-1.4.6-1.fc16 (2012-1709)||Nessus||Fedora Local Security Checks|
|58187||Fedora 15 : apr-1.4.6-1.fc15 (2012-1656)||Nessus||Fedora Local Security Checks|
|57955||Mandriva Linux Security Advisory : apr (MDVSA-2012:019)||Nessus||Mandriva Local Security Checks|