MGASA-2023-0123

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2023-0123.html

Import Source

https://advisories.mageia.org/MGASA-2023-0123.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2023-0123

Related

CVE-2022-22728

Published

2023-04-06T21:20:12Z

Modified

2023-04-06T20:14:30Z

Summary

Updated libapreq2 packages fix security vulnerability

Details

A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack. (CVE-2022-22728)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / libapreq2

Package

Name: libapreq2
Purl: pkg:rpm/mageia/libapreq2?arch=source&distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.130.0-31.1.mga8

Ecosystem specific

{
    "section": "core"
}