{"id":"AZL-13212","summary":"CVE-2022-25147 affecting package apr-util for versions less than 1.6.3-1","details":"Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer.\n\n\n\n\nThis issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.","modified":"2026-04-01T05:07:35.335562Z","published":"2023-01-31T16:15:08Z","upstream":["CVE-2022-25147"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25147"}],"affected":[{"package":{"name":"apr-util","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/apr-util"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.3-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-13212.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}]}