CVE-2017-18926
Description
raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml).
Risk Information
Base Score
7.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
EPSS Score
Exploitation Probability
2.722
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| RDF syntax library (USN-4630-1) libraptor2-0_2.0.14-1ubuntu0.16.04.1_i386.deb | Linux |
| RDF syntax library (USN-4630-1) libraptor2-0_2.0.14-1ubuntu0.16.04.1_amd64.deb | Linux |
| RDF syntax library (USN-4630-1) libraptor2-0_2.0.14-1ubuntu0.18.04.1_i386.deb | Linux |
| RDF syntax library (USN-4630-1) libraptor2-0_2.0.14-1ubuntu0.18.04.1_amd64.deb | Linux |
| RDF syntax library (USN-4630-1) libraptor2-0_2.0.15-0ubuntu1.20.04.1_i386.deb | Linux |
| RDF syntax library (USN-4630-1) libraptor2-0_2.0.15-0ubuntu1.20.04.1_amd64.deb | Linux |
| RDF syntax library (USN-4630-1) libraptor2-0_2.0.15-0ubuntu1.20.10.1_i386.deb | Linux |
| RDF syntax library (USN-4630-1) libraptor2-0_2.0.15-0ubuntu1.20.10.1_amd64.deb | Linux |
| SUSE-SU-2020:3351-1(SUSE Linux Enterprise Server 12-SP5 ) libraptor2-0-2.0.15-5.3.1.x86_64.rpm | Linux |
| SUSE-SU-2020:3351-1(SUSE Linux Enterprise Server 12-SP5 ) libraptor2-0-debuginfo-2.0.15-5.3.1.x86_64.rpm | Linux |
| SUSE-SU-2020:3351-1(SUSE Linux Enterprise Server 12-SP5 ) raptor-debuginfo-2.0.15-5.3.1.x86_64.rpm | Linux |
| SUSE-SU-2020:3351-1(SUSE Linux Enterprise Server 12-SP5 ) raptor-debugsource-2.0.15-5.3.1.x86_64.rpm | Linux |
| (RHSA-2021:1842) raptor2 security and bug fix update raptor2-2.0.15-16.el8.i686.rpm | Linux |
| (RHSA-2021:1842) raptor2 security and bug fix update raptor2-2.0.15-16.el8.x86_64.rpm | Linux |
| (RHSA-2021:1842) raptor2 security and bug fix update raptor2-debugsource-2.0.15-16.el8.i686.rpm | Linux |
| (RHSA-2021:1842) raptor2 security and bug fix update raptor2-debugsource-2.0.15-16.el8.x86_64.rpm | Linux |
| (RHSA-2021:1842)Moderate: security and bug fix update raptor2-debuginfo-2.0.15-16.el8.i686.rpm | Linux |
| (RHSA-2021:1842)Moderate: security and bug fix update raptor2-debuginfo-2.0.15-16.el8.x86_64.rpm | Linux |
| raptor2 security and bug fix update (RLSA-2021:1842) raptor2-2.0.15-16.el8.i686.rpm | Linux |
| raptor2 security and bug fix update (RLSA-2021:1842) raptor2-2.0.15-16.el8.x86_64.rpm | Linux |
| Raptor2 update (ELSA-2021-1842) raptor2-2.0.15-16.el8.i686.rpm | Linux |
| Raptor2 update (ELSA-2021-1842) raptor2-2.0.15-16.el8.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234