CVE-2022-25147

Published: 31/01/2023 Updated: 15/03/2024
CVSS v3 Base Score: 6.5 | Impact Score: 2.5 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows a malicious user to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.

Vulnerable Product

apache portable runtime utility

Vendor Advisories

Ronald Crane discovered that missing input sanitizing in the apr_base64 functions of apr-util, the Apache Portable Runtime utility library, may result in denial of service or potentially the execution of arbitrary code. For the stable distribution (bullseye), this problem has been fixed in version 1.6.1-5+deb11u1. We recommend that you upgrade your ...
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions. (CVE-2022-25147) ...
Synopsis: Important: apr-util security update. Type/Severity: Security Advisory: Important. Topic: An update for apr-util is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Secur ...
Synopsis: Moderate: OpenShift Container Platform 4.13.1 bug fix and security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat OpenShift Container Platform release 4.13.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Con ...
Synopsis: Moderate: apr-util security update. Type/Severity: Security Advisory: Moderate. Topic: An update for apr-util is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Tel ...
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update. Type/Severity: Security Advisory: Important. Topic: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Sco ...
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2 ...
Synopsis: Important: apr-util security update. Type/Severity: Security Advisory: Important. Topic: An update for apr-util is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has ra ...
Synopsis: Important: apr-util security update. Type/Severity: Security Advisory: Important. Topic: An update for apr-util is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having ...
Synopsis: Important: apr-util security update. Type/Severity: Security Advisory: Important. Topic: An update for apr-util is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having ...
Synopsis: Important: apr-util security update. Type/Severity: Security Advisory: Important. Topic: An update for apr-util is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having ...
Synopsis: Moderate: OpenShift Container Platform 4.12.19 bug fix and security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat OpenShift Container Platform release 4.12.19 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift C ...
Synopsis: Important: apr-util security update. Type/Severity: Security Advisory: Important. Topic: An update for apr-util is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has ra ...
Synopsis: Moderate: Logging Subsystem 5.7.2 - Red Hat OpenShift security update. Type/Severity: Security Advisory: Moderate. Topic: Logging Subsystem 5.7.2 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Synopsis: Important: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update. Type/Severity: Security Advisory: Important. Topic: The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) ...
Synopsis: Important: OpenShift Container Platform 4.13.2 bug fix and security update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Container Platform release 4.13.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift C ...
Description: The MITRE CVE dictionary describes this issue as: Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions ...
A vulnerability (CVE-2022-25147) exists in Cosminexus HTTP Server. Affected products and versions are listed below. Please upgrade your version to the appropriate version ...
Multiple vulnerabilities have been found in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager: CVE-2022-25147, CVE-2022-28331. Affected products and versions are listed below. Please upgrade your version to the appropriate version ...