user/apr-util: CVE-2022-25147: Integer Overflow or Wraparound vulnerability in apr_base64 functions
We are at 1.6.1
as of the 1.0-BETA5
tag, latest is 1.6.3
:
Name | Description |
---|---|
CVE-2022-25147 | Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions. |
Reference: https://downloads.apache.org/apr/CHANGES-APR-UTIL-1.6
Changes with APR-util 1.6.2
*) SECURITY: CVE-2022-25147 (cve.mitre.org)
Integer Overflow or Wraparound vulnerability in apr_base64 functions
of Apache Portable Runtime Utility (APR-util) allows an attacker to
write beyond bounds of a buffer.