ALT-PU-2025-12825-2
Closed vulnerabilities
Published: 2025-01-10
BDU:2025-03460
Уязвимость функции raptor_uri_normalize_path() библиотеки Raptor, позволяющая нарушителю получить выполнить произвольный код
Severity: CRITICAL (9.3)
Vector: AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: HIGH (7.2)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
References:
Published: 2024-03-28
BDU:2025-11887
Уязвимость функции raptor_ntriples_parse_term_internal() библиотеки RAPtor, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.0)
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Severity: LOW (2.1)
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
References:
Published: 2025-01-10
Modified: 2025-09-29
Modified: 2025-09-29
CVE-2024-57822
In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal().
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2025-01-10
Modified: 2025-09-29
Modified: 2025-09-29
CVE-2024-57823
In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path().
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References: