CVE-2024-57822

Опубликовано: 10 янв. 2025

Источник: nvd

CVSS3: 4

CVSS3: 5.5

EPSS Низкий

Описание

In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal().

Ссылки

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067896
Exploit
Mailing List
Third Party Advisory
https://github.com/dajobe/raptor/issues/70
Exploit
Issue Tracking
https://github.com/pedrib/PoC/blob/master/fuzzing/raptor-fuzz.md
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/10/msg00023.html
https://github.com/pedrib/PoC/blob/master/fuzzing/raptor-fuzz.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:librdf:raptor_rdf_syntax_library:*:*:*:*:*:*:*:*

Версия до 2.0.16 (включая)

EPSS

Процентиль: 23%

0.00074

Низкий

4 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-125

Связанные уязвимости

CVE-2024-57822

CVSS3: 4

ubuntu

12 месяцев назад

In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal().

CVE-2024-57822

CVSS3: 4

redhat

12 месяцев назад

In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal().

CVE-2024-57822

CVSS3: 4

debian

12 месяцев назад

In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buf ...

GHSA-4g53-844p-p879

CVSS3: 4

github

12 месяцев назад

In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal().

BDU:2025-11887

CVSS3: 4

fstec

почти 2 года назад

Уязвимость функции raptor_ntriples_parse_term_internal() библиотеки RAPtor, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 23%

0.00074

Низкий

4 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-125