Ronald Crane discovered that missing input sanitizing in the apr_encode
functions of apr, the Apache Portable Runtime library, may result in
denial of service or potentially the execution of arbitrary code.
For the stable distribution (bullseye), this problem has been fixed in
version 1.7.0-6+deb11u2.
We recommend that you upgrade your apr packages ...
Synopsis
Moderate: Red Hat JBoss Web Server 5.7.4 release and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat JBoss Web Server 5.7.4 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this release as ...
Synopsis
Moderate: apr security update
Type/Severity
Security Advisory: Moderate
Topic
An update for apr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security i ...
Synopsis
Moderate: Red Hat JBoss Web Server 5.7.4 release and security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat JBoss Web Server 5.7.4 on Red Hat Enterprise Linux versio ...
Synopsis
Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat JBoss Core Services. Red Hat Product Security h ...
Synopsis
Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.57 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) bas ...
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue (CVE-2021-35940).
Integer Overflow or Wraparound vulnera ...
Description
A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer ...
A vulnerability (CVE-2022-24963) exists in Cosminexus HTTP Server.
Affected products and versions are listed below. Please upgrade your version to the appropriate version ...