Apache Portable Runtime Utility vulnerabilities

CVE-2022-25147 [MEDIUM] CWE-190 CVE-2022-25147: Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Util Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.

CVE-2017-12618 [MEDIUM] CWE-125 CVE-2017-12618: Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM da Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service.