Apache » Portable Runtime Utility : Security Vulnerabilities, CVEs,
Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer.
This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.
Max CVSS
6.5
EPSS Score
0.18%
Published
2023-01-31
Updated
2024-03-15
Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service.
Max CVSS
4.7
EPSS Score
0.04%
Published
2017-10-24
Updated
2018-10-31
2 vulnerabilities found