Unrated severityNVD Advisory· Published Jan 31, 2023· Updated Feb 13, 2025
Apache Portable Runtime Utility (APR-util): out-of-bounds writes in the apr_base64 family of functions
CVE-2022-25147
Description
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer.
This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.
Affected products
39- osv-coords37 versionspkg:rpm/almalinux/apr-utilpkg:rpm/almalinux/apr-util-bdbpkg:rpm/almalinux/apr-util-develpkg:rpm/almalinux/apr-util-ldappkg:rpm/almalinux/apr-util-mysqlpkg:rpm/almalinux/apr-util-odbcpkg:rpm/almalinux/apr-util-opensslpkg:rpm/almalinux/apr-util-pgsqlpkg:rpm/almalinux/apr-util-sqlitepkg:rpm/opensuse/apr-util&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/apr-util&distro=openSUSE%20Tumbleweedpkg:rpm/suse/apr-util&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/apr-util&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4pkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/apr-util&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/apr-util&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/apr-util&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.2pkg:rpm/suse/apr-util&distro=SUSE%20Manager%20Server%204.2pkg:rpm/suse/libapr-util1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/libapr-util1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/libapr-util1&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/libapr-util1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/libapr-util1&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/libapr-util1&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/libapr-util1&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/libapr-util1&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 1.6.1-6.el8_8.1+ 36 more
- (no CPE)range: < 1.6.1-6.el8_8.1
- (no CPE)range: < 1.6.1-6.el8_8.1
- (no CPE)range: < 1.6.1-6.el8_8.1
- (no CPE)range: < 1.6.1-6.el8_8.1
- (no CPE)range: < 1.6.1-6.el8_8.1
- (no CPE)range: < 1.6.1-6.el8_8.1
- (no CPE)range: < 1.6.1-6.el8_8.1
- (no CPE)range: < 1.6.1-6.el8_8.1
- (no CPE)range: < 1.6.1-6.el8_8.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.6.3-1.1
- (no CPE)range: < 1.6.1-150200.12.3.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.6.1-150000.4.9.1
- (no CPE)range: < 1.6.1-150200.12.3.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.6.1-150000.4.9.1
- (no CPE)range: < 1.6.1-150200.12.3.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.6.1-150000.4.9.1
- (no CPE)range: < 1.6.1-150200.12.3.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.6.1-150300.18.5.1
- (no CPE)range: < 1.5.3-2.11.1
- (no CPE)range: < 1.5.3-8.7.1
- (no CPE)range: < 1.5.3-8.7.1
- (no CPE)range: < 1.5.3-8.7.1
- (no CPE)range: < 1.5.3-8.7.1
- (no CPE)range: < 1.5.3-8.7.1
- (no CPE)range: < 1.5.3-8.7.1
- (no CPE)range: < 1.5.3-8.7.1
- Range: 0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.