ELA-769-1 libapreq2 security update

denial of service

2023-01-14
Package: libapreq2
Version: 2.13-7~deb9u2 (stretch)
Related CVEs: CVE-2022-22728


A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.



For Debian 9 stretch, these problems have been fixed in version 2.13-7~deb9u2.

We recommend that you upgrade your libapreq2 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.