CVE-2022-24963: Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions

Eric Covener Tue, 31 Jan 2023 07:12:40 -0800

Severity: moderate

Description:


Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache 
Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer.
This issue affects Apache Portable Runtime (APR) version 1.7.0.

Credit:

Ronald Crane (Zippenhop LLC) (finder)

References:

https://apr.apache.org/
https://www.cve.org/CVERecord?id=CVE-2022-24963

CVE-2022-24963: Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions

Reply via email to