Unrated severityNVD Advisory· Published Jan 31, 2023· Updated Mar 27, 2025
Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions
CVE-2022-24963
Description
Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime (APR) version 1.7.0.
Affected products
6- Range: = 1.7.0
- osv-coords4 versionspkg:bitnami/aprpkg:rpm/almalinux/aprpkg:rpm/almalinux/apr-develpkg:rpm/opensuse/apr&distro=openSUSE%20Tumbleweed
>= 1.7.0, < 1.7.1+ 3 more
- (no CPE)range: >= 1.7.0, < 1.7.1
- (no CPE)range: < 1.7.0-12.el9_3
- (no CPE)range: < 1.7.0-12.el9_3
- (no CPE)range: < 1.7.2-1.1
- Range: 1.7.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.