14 lines
1.3 KiB
JSON
14 lines
1.3 KiB
JSON
{
|
|
"id": "openEuler-SA-2023-1105",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1105",
|
|
"title": "An update for apr-util is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS",
|
|
"severity": "Critical",
|
|
"description": "The mission of the Apache Portable Runtime (APR) project is to create and maintain software libraries that provide a predictable and consistent interface to underlying platform-specific implementations. The primary goal is to provide an API to which software developers may code and be assured of predictable if not identical behaviour regardless of the platform on which their software is built, relieving them of the need to code special-case conditions to work around or take advantage of platform-specific deficiencies or features.\r\n\r\nSecurity Fix(es):\r\n\r\nInteger Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.(CVE-2022-25147)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2022-25147",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25147",
|
|
"severity": "Critical"
|
|
}
|
|
]
|
|
} |