CVE-2024-57823

In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path().
References
Link Resource
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067896 Exploit Mailing List Third Party Advisory
https://github.com/dajobe/raptor/issues/70 Exploit Issue Tracking
https://github.com/pedrib/PoC/blob/master/fuzzing/raptor-fuzz.md Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:librdf:raptor_rdf_syntax_library:*:*:*:*:*:*:*:*

History

29 Sep 2025, 17:39

Type Values Removed Values Added
First Time Librdf raptor Rdf Syntax Library
Librdf
CPE cpe:2.3:a:librdf:raptor_rdf_syntax_library:*:*:*:*:*:*:*:*
References () https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067896 - () https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067896 - Exploit, Mailing List, Third Party Advisory
References () https://github.com/dajobe/raptor/issues/70 - () https://github.com/dajobe/raptor/issues/70 - Exploit, Issue Tracking
References () https://github.com/pedrib/PoC/blob/master/fuzzing/raptor-fuzz.md - () https://github.com/pedrib/PoC/blob/master/fuzzing/raptor-fuzz.md - Exploit, Third Party Advisory
Summary
  • (es) En Raptor RDF Syntax Library hasta la versión 2.0.16, hay un desbordamiento de enteros al normalizar una URI con el analizador de tortugas en raptor_uri_normalize_path().

10 Jan 2025, 14:15

Type Values Removed Values Added
CWE CWE-191
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.3

10 Jan 2025, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-01-10 13:15

Updated : 2025-09-29 17:39


NVD link : CVE-2024-57823

Mitre link : CVE-2024-57823

CVE.ORG link : CVE-2024-57823


JSON object : View

Products Affected

librdf

  • raptor_rdf_syntax_library
CWE
CWE-191

Integer Underflow (Wrap or Wraparound)