You are viewing a plain text version of this content. The canonical link for it is here.
Posted to announce@apache.org by Eric Covener <co...@apache.org> on 2023/01/31 15:12:33 UTC
CVE-2022-24963: Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions
Severity: moderate
Description:
Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer.
This issue affects Apache Portable Runtime (APR) version 1.7.0.
Credit:
Ronald Crane (Zippenhop LLC) (finder)
References:
https://apr.apache.org/
https://www.cve.org/CVERecord?id=CVE-2022-24963