CVE-2017-18926 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Arbitrary code execution
Description	raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml).

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1283	raptor	2.0.15-13	2.0.15-14	Medium	Fixed	FS#68613

Date	Advisory	Group	Package	Severity	Type
19 Nov 2020	ASA-202011-20	AVG-1283	raptor	Medium	arbitrary code execution

References
https://www.openwall.com/lists/oss-security/2017/06/07/1 http://bugs.librdf.org/mantis/view.php?id=617 http://bugs.librdf.org/mantis/view.php?id=618 https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f

References

https://www.openwall.com/lists/oss-security/2017/06/07/1
http://bugs.librdf.org/mantis/view.php?id=617
http://bugs.librdf.org/mantis/view.php?id=618
https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f