CVERadar

CVE-2024-57823

Medium Severity
SVRS: 38/100
CVSSv3: 9.3/10
EPSS: 0.00031/1

CVE-2024-57823 is an integer underflow vulnerability in Raptor RDF Syntax Library. This flaw can be exploited when the turtle parser normalizes a URI, specifically within the raptor_uri_normalize_path() function. The integer underflow in Raptor RDF could lead to unexpected behavior or potentially exploitable conditions.

Although its CVSS score is high at 9.3, indicating significant impact, the SOCRadar Vulnerability Risk Score (SVRS) is 38. This lower SVRS suggests the vulnerability is not currently being widely exploited or discussed across threat intelligence sources such as social media, news, code repositories, and the dark/deep web, and is not associated with known threat actors. However, its "In The Wild" listing suggests that it is still important to remediate eventually. Successful exploitation of CVE-2024-57823 could cause application crashes or data corruption, or potentially lead to arbitrary code execution. This makes it critical for organizations using Raptor RDF Syntax Library to assess their risk and apply necessary patches.

In The Wild
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2025-01-10

2025-01-10

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

News

USN-7316-1: Raptor vulnerabilities
ubuntu.com, 2025-03-03
It was discovered that Raptor incorrectly handled memory operations when processing certain input files. A remote attacker could possibly use this issue to cause Raptor to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2020-25713) It was discovered that Raptor incorrectly handled parsing certain tuples. A remote attacker could possibly use this issue to cause Raptor to crash, resulting in a denial of service. (CVE-2024-57822) It was discovered that Raptor incorrectly handled parsing certain turtles. A remote attacker could use this

CVE-2024-57823 | Raptor RDF Syntax Library up to 2.0.16 raptor_uri_normalize_path integer underflow
vuldb.com, 2025-01-10
A vulnerability was found in Raptor RDF Syntax Library up to 2.0.16. It has been declared as problematic. This vulnerability affects the function raptor_uri_normalize_path. The manipulation leads to integer underflow. This vulnerability was named CVE-2024-57823. Access to the local network is required for

Social Media

CVE-2024-57823 Integer Underflow Vulnerability in Raptor RDF Syntax Library 2.0.16 Raptor RDF Syntax Library up to version 2.0.16 has an integer underflow issue. This happens when a URI is normalized using the tu... https://t.co/JprNo4zycW

Affected Software

No affected software found for this CVE

References

Reference | Link
GITHUB | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067896
GITHUB | https://github.com/dajobe/raptor/issues/70
GITHUB | https://github.com/pedrib/PoC/blob/master/fuzzing/raptor-fuzz.md

CWE Details

CWE ID | CWE Name | Description
CWE-191 | Integer Underflow (Wrap or Wraparound) | The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
