rpm package

suse/libqt4-sql-plugins&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (7)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2025-5455	Hig	—	< 4.8.7-8.22.1	4.8.7-8.22.1	Jun 2, 2025	An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a val
CVE-2023-37369		—	< 4.8.7-8.22.1	4.8.7-8.22.1	Aug 20, 2023	In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
CVE-2023-38197		—	< 4.8.7-8.22.1	4.8.7-8.22.1	Jul 13, 2023	An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.
CVE-2023-34410		—	< 4.8.7-8.22.1	4.8.7-8.22.1	Jun 5, 2023	An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
CVE-2023-32763		—	< 4.8.7-8.22.1	4.8.7-8.22.1	May 28, 2023	An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
CVE-2023-32573		—	< 4.8.7-8.22.1	4.8.7-8.22.1	May 10, 2023	In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
CVE-2021-45930		—	< 4.8.7-8.22.1	4.8.7-8.22.1	Dec 31, 2021	Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).

CVE-2025-5455HigJun 2, 2025
affected < 4.8.7-8.22.1fixed 4.8.7-8.22.1
An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in QTextDocument and QNetworkReply, and, potentially, in user code. If the function was called with malformed data, for example, an URL that contained a "charset" parameter that lacked a val
CVE-2023-37369Aug 20, 2023
affected < 4.8.7-8.22.1fixed 4.8.7-8.22.1
In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
CVE-2023-38197Jul 13, 2023
affected < 4.8.7-8.22.1fixed 4.8.7-8.22.1
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.
CVE-2023-34410Jun 5, 2023
affected < 4.8.7-8.22.1fixed 4.8.7-8.22.1
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
CVE-2023-32763May 28, 2023
affected < 4.8.7-8.22.1fixed 4.8.7-8.22.1
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
CVE-2023-32573May 10, 2023
affected < 4.8.7-8.22.1fixed 4.8.7-8.22.1
In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
CVE-2021-45930Dec 31, 2021
affected < 4.8.7-8.22.1fixed 4.8.7-8.22.1
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).