Vulnerabilities > CVE-2022-24963 - Unspecified vulnerability in Apache Portable Runtime 1.7.0

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

apache

critical

NVD

Published: 2023-01-31

Updated: 2024-11-21

Summary

Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime (APR) version 1.7.0.

Vulnerable Configurations

Part	Description	Count
Application	Apache Apache Portable Runtime 1.7.0	1

References

https://lists.apache.org/thread/fw9p6sdncwsjkstwc066vz57xqzfksq9
https://lists.apache.org/thread/fw9p6sdncwsjkstwc066vz57xqzfksq9
https://security.netapp.com/advisory/ntap-20230908-0008/
https://security.netapp.com/advisory/ntap-20230908-0008/