439 matches found
The vulnerability in the apr_base64 function of the Apache Portable Runtime library allows a hacker to execute arbitrary code.
The vulnerability of the aprbase64 function in the Apache Portable Runtime library APR relates to the ability to write beyond the buffer boundaries. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
[SECURITY] Fedora 40 Update: tomcat-native-1.2.36-4.fc40
Tomcat can use the Apache Portable Runtime to provide superior scalability, performance, and better integration with native server technologies. The Apache Portable Runtime is a highly portable library that is at the heart of Apache HTTP Server 2.x. APR has many uses, including access to advanced...
BIT-APR-2021-35940 Regression of CVE-2017-12613
An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue...
BIT-APR-2022-24963 Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions
Integer Overflow or Wraparound vulnerability in aprencode functions of Apache Portable Runtime APR allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime APR version 1.7.0...
BIT-APR-2022-28331 Apache Portable Runtime (APR): Windows out-of-bounds write in apr_socket_sendv function
On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in aprsocketsendv. This is a result of integer overflow...
CentOS 8 : apr-util (CESA-2023:3109)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3109 advisory. - Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a...
The vulnerability of the apr_encode function in the Apache Portable Runtime library allows a hacker to execute arbitrary code.
The vulnerability of the aprencode function in the Apache Portable Runtime APR library is related to integer overflow when processing field lengths. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
apr: integer overflow/wraparound in apr_encode
A flaw was found in Apache Portable Runtime APR. This issue may allow a malicious attacker to write beyond the bounds of a buffer...
Moderate: Red Hat Security Advisory: apr security update
An update for apr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
AlmaLinux 9 : apr (ALSA-2023:7711)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:7711 advisory. - Integer Overflow or Wraparound vulnerability in aprencode functions of Apache Portable Runtime APR allows an attacker to write beyond bounds of a buffer. This...
Moderate: apr security update
The Apache Portable Runtime APR is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. Security Fixes: apr: integer overflow/wraparound in aprencode CVE-2022-24963 For more details about the security issues,...
RHEL 9 : apr (RHSA-2023:7711)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7711 advisory. The Apache Portable Runtime APR is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data...
ALSA-2023:7711 Moderate: apr security update
The Apache Portable Runtime APR is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. Security Fixes: apr: integer overflow/wraparound in aprencode CVE-2022-24963 For more details about the security issues,...
Oracle Linux 9 : apr (ELSA-2023-7711)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7711 advisory. 1.7.0-12 - fix integer bounds checking in aprencode Resolves: RHEL-17123 Tenable has extracted the preceding description block directly from the Oracle Linux...
K000137702: Apache vulnerability CVE-2022-25147
Security Advisory Description Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility APR-util 1.6.1 and prior versions. CVE-2022-25147...
NewStart CGSL MAIN 6.06 : apr-util Vulnerability (NS-SA-2023-0131)
The remote NewStart CGSL host, running version MAIN 6.06, has apr-util packages installed that are affected by a vulnerability: - Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a buffer...
Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-34981 DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.3.7)
The version of AOS installed on the remote host is prior to 6.5.3.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.3.7 advisory. - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying...
apr: Windows out-of-bounds write in apr_socket_sendv function
A flaw was found in Apache Portable Runtime, affecting versions = 1.7.0. This issue may allow a malicious user to write beyond the end of a stack buffer and cause an integer overflow. This affects Windows environments...
apr: integer overflow/wraparound in apr_encode
A flaw was found in Apache Portable Runtime APR. This issue may allow a malicious attacker to write beyond the bounds of a buffer...