MiracleLinux 8 : raptor2-2.0.15-16.el8 (AXSA:2021-2011:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2011:01 advisory. raptor: heap-based buffer overflows due to an error in calculating the maximum nspace declarations for the XML writer CVE-2017-18926 raptor2:...

EUVD-2020-18367

Malware in sbrugna...

EUVD-2017-10015

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-18926

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer,...

CVE-2022-4245

A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtilwriteComment fails to sanitize comments for a -- sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection...

codehaus-plexus: XML External Entity (XXE) Injection

A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtilwriteComment fails to sanitize comments for a -- sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection...

SUSE CVE-2010-4657

PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output...

SUSE CVE-2020-25713

A malformed input file can lead to a segfault due to an out of bounds array access in raptorxmlwriterstartelementcommon...

OESA-2022-1796 raptor2 security update

Raptor is Redland's RDF parser toolkit, which provides a set of independent RDF parsers to generate triples from RDF / XML or N-Triples. Security Fixes: A malformed input file can lead to a segfault due to an out of bounds array access in raptorxmlwriterstartelementcommon.CVE-2020-25713...

NewStart CGSL MAIN 6.02 : raptor2 Multiple Vulnerabilities (NS-SA-2022-0054)

The remote NewStart CGSL host, running version MAIN 6.02, has raptor2 packages installed that are affected by multiple vulnerabilities: - raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer,...

RHEL 8 : raptor2 (RHSA-2021:1842)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1842 advisory. Raptor is the RDF Parser Toolkit for Redland that provides a set of standalone RDF parsers, generating triples from RDF/XML or N-Triples...

raptor: heap-based buffer overflows due to an error in calculating the maximum nspace declarations for the XML writer

raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...

raptor2: malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common

A malformed input file can lead to a segfault due to an out of bounds array access in raptorxmlwriterstartelementcommon...

raptor2 security and bug fix update

An update is available for raptor2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Raptor is the RDF Parser Toolkit for Redland that provides a set of standalon...

Moderate: raptor2 security and bug fix update

Raptor is the RDF Parser Toolkit for Redland that provides a set of standalone RDF parsers, generating triples from RDF/XML or N-Triples. Security Fixes: raptor: heap-based buffer overflows due to an error in calculating the maximum nspace declarations for the XML writer CVE-2017-18926 raptor2:...

ALSA-2021:1842 Moderate: raptor2 security and bug fix update

Raptor is the RDF Parser Toolkit for Redland that provides a set of standalone RDF parsers, generating triples from RDF/XML or N-Triples. Security Fixes: raptor: heap-based buffer overflows due to an error in calculating the maximum nspace declarations for the XML writer CVE-2017-18926 raptor2:...

CVE-2020-25713

CVE-2020-25713 affects the Raptor RDF libraries (raptor2) with a flaw in raptor_xml_writer_start_element_common: a malformed input file can trigger an out-of-bounds array access, causing a segfault. Public sources (Arch Linux ASA-202011-20) describe this alongside CVE-2017-18926 as part of raptor...

Denial Of Service (DoS)

raptor is vulnerable to denial of service DoS. The vulnerability exists through raptorxmlwriterstartelementcommon in raptorxmlwriter.c when it miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows...

PT-2021-7291

Name of the Vulnerable Software and Affected Versions Raptor affected versions not specified Description The issue is related to a malformed input file that can cause a segfault due to an out of bounds array access in the raptor xml writer start element common function. This is associated with a...

[ASA-202011-20] raptor: arbitrary code execution

Arch Linux Security Advisory ASA-202011-20 ========================================== Severity: Medium Date : 2020-11-19 CVE-ID : CVE-2017-18926 CVE-2020-25713 Package : raptor Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1283 Summary ======= The package...