VYPR

Portable Runtime API

by Netscape

CVEs (3)

  • CVE-2006-4842Oct 12, 2006
    risk 0.04cvss epss 0.08

    The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files.

  • CVE-2022-24963Jan 31, 2023
    risk 0.00cvss epss 0.01

    Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime (APR) version 1.7.0.

  • CVE-2021-35940Aug 23, 2021
    risk 0.00cvss epss 0.01

    An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to…