what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

CVE-2022-25147

Status Candidate

Overview

Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.

Related Files

Red Hat Security Advisory 2023-3624-01
Posted Jun 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3624-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a denial of service vulnerability.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2021-46848, CVE-2022-1304, CVE-2022-25147, CVE-2022-2795, CVE-2022-2880, CVE-2022-35737, CVE-2022-36227, CVE-2022-3627, CVE-2022-3970, CVE-2022-41715, CVE-2022-41717, CVE-2022-42898, CVE-2022-4304, CVE-2022-4450
SHA-256 | d2f80d582085aae75b12f07fd85ac399fe95b0c3197d108af14ac014209e5633
Red Hat Security Advisory 2023-3495-01
Posted Jun 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3495-01 - Logging Subsystem 5.7.2 - Red Hat OpenShift. Issues addressed include cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2021-26341, CVE-2021-33655, CVE-2021-33656, CVE-2022-1462, CVE-2022-1679, CVE-2022-1789, CVE-2022-20141, CVE-2022-2196, CVE-2022-25147, CVE-2022-25265, CVE-2022-2663, CVE-2022-3028, CVE-2022-30594, CVE-2022-3239
SHA-256 | 75ededaa7ebb9bc88370e1dcf331b0264869168ba7cd74f69b15381204808248
Red Hat Security Advisory 2023-3354-01
Posted Jun 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3354-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, denial of service, double free, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2006-20001, CVE-2022-25147, CVE-2022-4304, CVE-2022-43551, CVE-2022-43552, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-25690
SHA-256 | 872079b042f0763e48a97309fcbc46a8880cc332bd629c972bb2a0f58175222a
Red Hat Security Advisory 2023-3355-01
Posted Jun 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3355-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, denial of service, double free, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2006-20001, CVE-2022-25147, CVE-2022-4304, CVE-2022-43551, CVE-2022-43552, CVE-2022-43680, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-25690
SHA-256 | cced047a9c8b64215ce3e215ff5c91c3249ad0174bafa7de957f9317816d705d
Red Hat Security Advisory 2023-3304-01
Posted Jun 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3304-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.1. Issues addressed include denial of service and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-17419, CVE-2021-36157, CVE-2022-25147, CVE-2022-41722, CVE-2022-41723, CVE-2023-25652, CVE-2023-25815, CVE-2023-29007
SHA-256 | 91069eb74686b5da4b567db05d7c23174c76c6c493d75b64cd6986faa991161d
Red Hat Security Advisory 2023-3309-01
Posted Jun 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3309-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.42. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-17419, CVE-2022-25147, CVE-2023-25652, CVE-2023-25815, CVE-2023-28617, CVE-2023-29007
SHA-256 | c91347d4eacd33c674502120cc2317c1f69bb7ba46d738f4b534bc4338ada89b
Red Hat Security Advisory 2023-3287-01
Posted Jun 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3287-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.19. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-17419, CVE-2022-25147, CVE-2023-25652, CVE-2023-25815, CVE-2023-29007
SHA-256 | 1241684510265ad75824115abf9b92bbebf8cff5cb431f6be0376a27ea5874b2
Red Hat Security Advisory 2023-3360-01
Posted Jun 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3360-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. "apr-util" is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-25147
SHA-256 | 73497ad46ee521e46832778833df91e52dfbe5f1cec27957e9027139b198ef1c
Red Hat Security Advisory 2023-3380-01
Posted Jun 5, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3380-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-25147
SHA-256 | 056546bb110d0b58eea78e4d665338c2de72fcf784d192f892f31b4ccda896ab
Red Hat Security Advisory 2023-3177-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3177-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-25147
SHA-256 | 97d76318cf1509dbafa824df4406434d637982261af6b64ad1362f5ff8942075
Red Hat Security Advisory 2023-3178-01
Posted May 18, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3178-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-25147
SHA-256 | 29e9a8f1f4f4eedf9bcc83371ae2074434c9f553bc853e015ac77e9d7a01d22a
Red Hat Security Advisory 2023-3145-01
Posted May 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3145-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-25147
SHA-256 | debb486d8ade2a10db6add2805d4cd91f7b1e7847e25dc8bf6a254556386d408
Red Hat Security Advisory 2023-3147-01
Posted May 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3147-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-25147
SHA-256 | de4c2159ca76957a01582a2be807be19716b818e62b14265bda837ef340be8f0
Red Hat Security Advisory 2023-3146-01
Posted May 17, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3146-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-25147
SHA-256 | d6e36035e52f15a06ef283ccfd1f82bd17d0e54d2fcc17320605b6ef4b0727df
Red Hat Security Advisory 2023-3109-01
Posted May 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3109-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. Issues addressed include an out of bounds write vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2022-25147
SHA-256 | aedbd856460d72610c8bc77d2199480dcabd25a3b966dc6f4adc269f7b420324
Debian Security Advisory 5364-1
Posted Feb 27, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5364-1 - Ronald Crane discovered that missing input saniting in the apr_base64 functions of apr-util, the Apache Portable Runtime utility library, may result in denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2022-25147
SHA-256 | 0fd080fc2d20d8613ace2e272ac779ee75f49f96590d76bbadc9811f312aedf2
Ubuntu Security Notice USN-5870-1
Posted Feb 15, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5870-1 - Ronald Crane discovered that APR-util did not properly handled memory when encoding or decoding certain input data. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-25147
SHA-256 | 661dd734bd3528dd32e900e26ba6bbf81244f1fdb73f913d44a8a516a0377c50
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close