Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2023:3109

Опубликовано: 17 мая 2023
Источник: rocky
Оценка: Important

Описание

Important: apr-util security update

The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more.

Security Fix(es):

  • apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
apr-utilx86_646.el8.1apr-util-1.6.1-6.el8.1.x86_64.rpm
apr-util-bdbx86_646.el8.1apr-util-bdb-1.6.1-6.el8.1.x86_64.rpm
apr-util-develx86_646.el8.1apr-util-devel-1.6.1-6.el8.1.x86_64.rpm
apr-util-ldapx86_646.el8.1apr-util-ldap-1.6.1-6.el8.1.x86_64.rpm
apr-util-mysqlx86_646.el8.1apr-util-mysql-1.6.1-6.el8.1.x86_64.rpm
apr-util-odbcx86_646.el8.1apr-util-odbc-1.6.1-6.el8.1.x86_64.rpm
apr-util-opensslx86_646.el8.1apr-util-openssl-1.6.1-6.el8.1.x86_64.rpm
apr-util-pgsqlx86_646.el8.1apr-util-pgsql-1.6.1-6.el8.1.x86_64.rpm
apr-util-sqlitex86_646.el8.1apr-util-sqlite-1.6.1-6.el8.1.x86_64.rpm
apr-utilx86_646.el8_8.1apr-util-1.6.1-6.el8_8.1.x86_64.rpm

Показывать по

Связанные CVE

CVE-2022-25147

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2022-25147

CVSS3: 6.5
ubuntu
больше 2 лет назад

Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.

redhat логотип

CVE-2022-25147

CVSS3: 6.5
redhat
больше 2 лет назад

Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.

nvd логотип

CVE-2022-25147

CVSS3: 6.5
nvd
больше 2 лет назад

Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.

msrc логотип

CVE-2022-25147

CVSS3: 6.5
msrc
больше 2 лет назад

Описание отсутствует

debian логотип

CVE-2022-25147

CVSS3: 6.5
debian
больше 2 лет назад

Integer Overflow or Wraparound vulnerability in apr_base64 functions o ...