{"id":"CVE-2022-25147","details":"Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer.\n\n\n\n\nThis issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.","modified":"2026-04-16T04:38:10.688139621Z","published":"2023-01-31T16:15:08.907Z","related":["ALSA-2023:3109","ALSA-2023:3147","SUSE-SU-2023:0324-1","SUSE-SU-2023:0325-1","SUSE-SU-2023:0337-1","SUSE-SU-2023:0338-1","SUSE-SU-2023:0389-1","openSUSE-SU-2024:12656-1"],"references":[{"type":"ADVISORY","url":"https://lists.apache.org/thread/np5gjqlohc4f62lr09vrn61vl44cylh8"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20240315-0001/"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-25147.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.6.1"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}]}