2 matches found
SUSE-SU-2023:0389-1 Security update for apr-util
This update for apr-util fixes the following issues: - CVE-2022-25147: Fixed a buffer overflow possible with specially crafted input during base64 encoding bsc1207866...
Apache Httpd < 2.0.65 : apr_fnmatch flaw leads to mod_autoindex remote DoS
A flaw was found in the aprfnmatch function of the bundled APR library. Where modautoindex is enabled, and a directory indexed by modautoindex contained files with sufficiently long names, a remote attacker could send a carefully crafted request which would cause excessive CPU usage. This could b...