Vulnerability Details CVE-2020-25713
A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- http://www.openwall.com/lists/oss-security/2020/11/16/1
- https://bugs.librdf.org/mantis/view.php?id=650
- https://bugzilla.redhat.com/show_bug.cgi?id=1900685
- https://lists.debian.org/debian-lts-announce/2021/12/msg00009.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27EQ2JCVMKG3EYTBYO4642P773I2NYUV/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUIND56AOKEHHBE4OYV57M73LLOLJRLV/
- http://www.openwall.com/lists/oss-security/2020/11/16/1
- https://bugs.librdf.org/mantis/view.php?id=650
- https://bugzilla.redhat.com/show_bug.cgi?id=1900685
- https://lists.debian.org/debian-lts-announce/2021/12/msg00009.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27EQ2JCVMKG3EYTBYO4642P773I2NYUV/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUIND56AOKEHHBE4OYV57M73LLOLJRLV/
Products affected by CVE-2020-25713
-
cpe:2.3:a:librdf:raptor_rdf_syntax_library:2.0.15
-
cpe:2.3:o:debian:debian_linux:9.0
-
cpe:2.3:o:fedoraproject:fedora:32
-
cpe:2.3:o:fedoraproject:fedora:33