rpm package
suse/libqt5-qtbase&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
pkg:rpm/suse/libqt5-qtbase&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-39936 | — | < 5.15.2+kde294-150400.6.15.1 | 5.15.2+kde294-150400.6.15.1 | Jul 4, 2024 | An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not | ||
| CVE-2023-45935 | Med | 4.2 | < 5.15.2+kde294-150400.6.15.1 | 5.15.2+kde294-150400.6.15.1 | Mar 27, 2024 | Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server | |
| CVE-2023-51714 | — | < 5.15.2+kde294-150400.6.15.1 | 5.15.2+kde294-150400.6.15.1 | Dec 24, 2023 | An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. |
- CVE-2024-39936Jul 4, 2024affected < 5.15.2+kde294-150400.6.15.1fixed 5.15.2+kde294-150400.6.15.1
An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not
- affected < 5.15.2+kde294-150400.6.15.1fixed 5.15.2+kde294-150400.6.15.1
Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server
- CVE-2023-51714Dec 24, 2023affected < 5.15.2+kde294-150400.6.15.1fixed 5.15.2+kde294-150400.6.15.1
An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.