rpm package
suse/libqt4&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5
pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-37369 | — | | | < 4.8.7-8.19.1 | 4.8.7-8.19.1 | Aug 20, 2023 | In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. |
| CVE-2023-38197 | — | | | < 4.8.7-8.19.1 | 4.8.7-8.19.1 | Jul 13, 2023 | An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion. |
| CVE-2023-34410 | — | | | < 4.8.7-8.19.1 | 4.8.7-8.19.1 | Jun 5, 2023 | An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate. |
| CVE-2023-32763 | — | | | < 4.8.7-8.19.1 | 4.8.7-8.19.1 | May 28, 2023 | An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered. |
| CVE-2023-32573 | — | | | < 4.8.7-8.19.1 | 4.8.7-8.19.1 | May 10, 2023 | In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. |
| CVE-2021-3481 | — | | | < 4.8.7-8.16.1 | 4.8.7-8.16.1 | Aug 22, 2022 | A flaw was found in Qt. An out-of-bounds read vulnerability was found in QRadialFetchSimd in qt/qtbase/src/gui/painting/qdrawhelper_p.h in Qt/Qtbase. While rendering and displaying a crafted Scalable Vector Graphics (SVG) file this flaw may lead to an unauthorized memory access. |
| CVE-2021-45930 | — | | | < 4.8.7-8.19.1 | 4.8.7-8.19.1 | Dec 31, 2021 | Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect). |
| CVE-2020-17507 | — | | | < 4.8.7-8.16.1 | 4.8.7-8.16.1 | Aug 12, 2020 | An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read. |
| CVE-2018-19873 | — | | | < 4.8.7-8.13.1 | 4.8.7-8.13.1 | Dec 26, 2018 | An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data. |
| CVE-2018-19869 | — | | | < 4.8.7-8.13.1 | 4.8.7-8.13.1 | Dec 26, 2018 | An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. |
| CVE-2018-15518 | — | | | < 4.8.7-8.13.1 | 4.8.7-8.13.1 | Dec 26, 2018 | QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. |