[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE-2022-22728: libapreq2: libapreq2 multipart form parse memory corruption
From: John Helmert III <ajak () gentoo ! org>
Date: 2022-08-26 16:01:23
Message-ID: YwjuUy0a6FFdHPVB () gentoo ! org
[Download RAW message or body]
On Thu, Aug 25, 2022 at 02:09:16PM +0000, Joe Orton wrote:
> Severity: important
>
> Description:
>
> A flaw in libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing \
> multipart form uploads. A remote attacker could send a request causing a process crash which \
> could lead to a denial of service attack.
Is there a fixed version or patch or upstream issue?
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic