librdf 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには バッファオーバーフロー、vendor risk xxe、vendor risk memory corruption, and vendor risk input validation があり、vendor surface software deployment の利用場面で アプリケーションクラッシュ、vendor impact memory corruption, and vendor impact unexpected behavior などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-57823 | In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path(). | [email protected] | 9.3 | 0.04% | 2025-01-10 | 2025-11-03 |
| CVE-2024-57822 | In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal(). | [email protected] | 4.0 | 0.03% | 2025-01-10 | 2025-11-03 |
| CVE-2020-25713 | A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common. | [email protected] | 6.5 | 0.47% | 2021-05-13 | 2024-11-21 |
| CVE-2017-18926 | raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml). | [email protected] | 7.1 | 1.77% | 2020-11-06 | 2024-11-21 |
| CVE-2012-0037 | Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. | [email protected] | 6.5 | 0.90% | 2012-06-17 | 2026-04-29 |