Aggregates CVE and security vulnerability intelligence across all librdf-related products, including CVSS and EPSS scores, publication dates, and update dates.
Historical issues mainly involve buffer overflows, XXE, memory corruption, input validation, and related problems; some flaws may lead to an application crash.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-57823 | In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path(). | [email protected] | 9.3 | 0.04% | 2025-01-10 | 2025-11-03 |
| CVE-2024-57822 | In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal(). | [email protected] | 4.0 | 0.03% | 2025-01-10 | 2025-11-03 |
| CVE-2020-25713 | A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common. | [email protected] | 6.5 | 0.47% | 2021-05-13 | 2024-11-21 |
| CVE-2017-18926 | raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml). | [email protected] | 7.1 | 1.77% | 2020-11-06 | 2024-11-21 |
| CVE-2012-0037 | Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. | [email protected] | 6.5 | 1.10% | 2012-06-17 | 2026-04-29 |