
CVE-2024-57822 – Ubuntu Security Notice USN-7316-1
https://notcve.org/view.php?id=CVE-2024-57822
10 Jan 2025 — In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal(). It was discovered that Raptor incorrectly handled memory operations when processing certain input files. A remote attacker could possibly use this issue to cause Raptor to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Raptor incorrectly handled parsing certain... • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067896 • CWE-125: Out-of-bounds Read

CVE-2024-57823 – raptor: integer underflow when normalizing a URI with the turtle parser
https://notcve.org/view.php?id=CVE-2024-57823
10 Jan 2025 — In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path(). A flaw was found in the Raptor RDF syntax library (librdf). An integer underflow condition may be triggered when normalizing a URI with the turtle parser. This issue could cause memory corruption or an application crash, leading to a denial of service or other undefined behavior. It was discovered that Raptor incorrectly handled memory operations when proce... • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067896 • CWE-191: Integer Underflow (Wrap or Wraparound)

CVE-2020-25713 – raptor2: malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common
https://notcve.org/view.php?id=CVE-2020-25713
13 May 2021 — A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common. It was discovered that Raptor incorrectly handled memory operations when processing certain input files. A remote attacker could possibly use this issue to cause Raptor to crash, resulting in a denial of servi... • http://www.openwall.com/lists/oss-security/2020/11/16/1 • CWE-20: Improper Input Validation • CWE-125: Out-of-bounds Read

CVE-2017-18926 – raptor: heap-based buffer overflows due to an error in calculating the maximum nspace declarations for the XML writer
https://notcve.org/view.php?id=CVE-2017-18926
06 Nov 2020 — raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml)... • http://www.openwall.com/lists/oss-security/2020/11/13/1 • CWE-122: Heap-based Buffer Overflow • CWE-787: Out-of-bounds Write

CVE-2012-0037 – raptor: XML External Entity (XXE) attack via RDF files
https://notcve.org/view.php?id=CVE-2012-0037
17 Jun 2012 — Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document... • http://blog.documentfoundation.org/2012/03/22/tdf-announces-libreoffice-3-4-6 • CWE-611: Improper Restriction of XML External Entity Reference