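A summary of CVE and security vulnerability intelligence for all librdf-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include buffer overflows, XXE, memory corruption, and input validation issues; in software deployment and production workload scenarios these can lead to risks such as application crashes, memory corruption, and abnormal behavior.
The vulnerability data comes mainly from public vulnerability disclosures and security advisories, and can be used to assess historical vulnerability exposure and patching priorities.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |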
|---|---|---|---|---|---|---|
| CVE-2024-57823 | In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path(). | [email protected] | 9.3 | 0.04% | 2025-01-10 | 2025-11-03 |
| CVE-2024-57822 | In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal(). | [email protected] | 4.0 | 0.03% | 2025-01-10 | 2025-11-03 |
| CVE-2020-25713 | A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common. | [email protected] | 6.5 | 0.47% | 2021-05-13 | 2024-11-21 |
| CVE-2017-18926 | raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml). | [email protected] | 7.1 | 1.77% | 2020-11-06 | 2024-11-21 |
| CVE-2012-0037 | Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. | [email protected] | 6.5 | 0.90% | 2012-06-17 | 2026-04-29 |