CVE-2017-18926 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml).
Group Package Affected Fixed Severity Status Ticket
AVG-1283 raptor 2.0.15-13 2.0.15-14 Medium Fixed FS#68613
Date Advisory Group Package Severity Type
19 Nov 2020 ASA-202011-20 AVG-1283 raptor Medium arbitrary code execution
References
https://www.openwall.com/lists/oss-security/2017/06/07/1
http://bugs.librdf.org/mantis/view.php?id=617
http://bugs.librdf.org/mantis/view.php?id=618
https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f