CVE-2024-57822 Information

Description

In Raptor RDF Syntax Library through 2.0.16 there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal().

Reference

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067896 https://github.com/dajobe/raptor/issues/70 https://github.com/pedrib/PoC/blob/master/fuzzing/raptor-fuzz.md https://github.com/pedrib/PoC/blob/master/fuzzing/raptor-fuzz.md