what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2022-24963

Status Candidate

Overview

Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime (APR) version 1.7.0.

Related Files

Red Hat Security Advisory 2023-7711-03
Posted Dec 11, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7711-03 - An update for apr is now available for Red Hat Enterprise Linux 9. Issues addressed include an integer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2022-24963
SHA-256 | d68b3332e6c495eae279014532c2df390f3e2cd62a16db7cc3c647b3bdc6bf75
Red Hat Security Advisory 2023-4910-01
Posted Sep 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4910-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.4 serves as a replacement for Red Hat JBoss Web Server 5.7.3. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References section. Issues addressed include denial of service, information leakage, integer overflow, and out of bounds write vulnerabilities.

tags | advisory, java, web, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-24963, CVE-2022-28331, CVE-2023-24998, CVE-2023-28708, CVE-2023-28709
SHA-256 | eb75438ef29d3419f6725183bfbeb51f52079fcb4b05c04f5a9dab7196252540
Red Hat Security Advisory 2023-4909-01
Posted Sep 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4909-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.4 serves as a replacement for Red Hat JBoss Web Server 5.7.3. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References section. Issues addressed include denial of service, information leakage, and integer overflow vulnerabilities.

tags | advisory, java, web, denial of service, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-24963, CVE-2023-24998, CVE-2023-28708, CVE-2023-28709
SHA-256 | 42d63a53d46500f97ac09efb36b14aeae78e4c4154a0783587555b21ea3cde1c
Red Hat Security Advisory 2023-4628-01
Posted Aug 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4628-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP response splitting, bypass, integer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-24963, CVE-2022-28331, CVE-2022-36760, CVE-2022-37436, CVE-2022-48279, CVE-2023-24021, CVE-2023-27522, CVE-2023-28319, CVE-2023-28321, CVE-2023-28322, CVE-2023-28484, CVE-2023-29469
SHA-256 | 2421b3b97cc7191c9230548e299fe246f93d5b82a4d21e6fa8eaf14abddaa1f0
Red Hat Security Advisory 2023-4629-01
Posted Aug 16, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4629-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.57 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section. Issues addressed include HTTP response splitting, bypass, integer overflow, and use-after-free vulnerabilities.

tags | advisory, web, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2022-24963, CVE-2022-36760, CVE-2022-37436, CVE-2022-48279, CVE-2023-24021, CVE-2023-27522, CVE-2023-28319, CVE-2023-28321, CVE-2023-28322
SHA-256 | 6c109e8112c245ff647417e707926d11d65d612b66e7ae46f1f05cb3ab724077
Debian Security Advisory 5370-1
Posted Mar 8, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5370-1 - Ronald Crane discovered that missing input saniting in the apr_encode functions of apr, the Apache Portable Runtime library, may result in denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2022-24963
SHA-256 | 06258aeb56f6c7338c9fdd57a615e5a5d0b7d38557dfd44abd33e40b95560519
Ubuntu Security Notice USN-5885-1
Posted Feb 27, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5885-1 - Ronald Crane discovered integer overflow vulnerabilities in the Apache Portable Runtime that could potentially result in memory corruption. A remote attacker could possibly use these issues to cause a denial of service or execute arbitrary code.

tags | advisory, remote, denial of service, overflow, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-24963
SHA-256 | 09ed22efc5f270093119425953b0c1273a45985966262768677be3e29ed5c327
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close