CVE-2022-24963

Published: 31/01/2023 Updated: 08/09/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows a malicious user to write beyond bounds of a buffer. This issue affects Apache Portable Runtime (APR) version 1.7.0.

Vulnerable Product

apache portable runtime 1.7.0

Vendor Advisories

Ronald Crane discovered that missing input sanitizing in the apr_encode functions of apr, the Apache Portable Runtime library, may result in denial of service or potentially the execution of arbitrary code. For the stable distribution (bullseye), this problem has been fixed in version 1.7.0-6+deb11u2. We recommend that you upgrade your apr packages ...
Synopsis: Moderate: Red Hat JBoss Web Server 5.7.4 release and security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat JBoss Web Server 5.7.4 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this release as ...
Synopsis: Moderate: apr security update. Type/Severity: Security Advisory: Moderate. Topic: An update for apr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security i ...
Synopsis: Moderate: Red Hat JBoss Web Server 5.7.4 release and security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat JBoss Web Server 5.7.4 on Red Hat Enterprise Linux versio ...
Synopsis: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat JBoss Core Services. Red Hat Product Security h ...
Synopsis: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) bas ...
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue (CVE-2021-35940). Integer Overflow or Wraparound vulnera ...
Description: A flaw was found in Apache Portable Runtime (APR). This issue may allow a malicious attacker to write beyond the bounds of a buffer ...
A vulnerability (CVE-2022-24963) exists in Cosminexus HTTP Server. Affected products and versions are listed below. Please upgrade your version to the appropriate version ...