Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-3805-1:830CD
HistoryApr 30, 2024 - 10:47 p.m.

[SECURITY] [DLA 3805-1] qtbase-opensource-src security update

2024-04-3022:47:38
lists.debian.org
9
cve-2023-38197
application crashs
infinite loops
cve-2023-32763
cve-2023-33285
cve-2023-24607
cve-2023-32762
crafted input files
qtbase-opensource-src
buffer overflows
debian 10 buster
security update
cve-2023-37369
cve-2023-51714

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.7%

JSON

Debian LTS Advisory DLA-3805-1 [email protected]
https://www.debian.org/lts/security/ Thorsten Alteholz
May 01, 2024 https://wiki.debian.org/LTS

Package : qtbase-opensource-src
Version : 5.11.3+dfsg1-1+deb10u6
CVE ID : CVE-2023-24607 CVE-2023-32762 CVE-2023-32763
CVE-2023-33285 CVE-2023-37369 CVE-2023-38197
CVE-2023-51714

Several issues have been found in qtbase-opensource-src, a collection of
several Qt modules/libraries.
The issues are related to buffer overflows, infinite loops or application
crashs due to processing of crafted input files.

For Debian 10 buster, these problems have been fixed in version
5.11.3+dfsg1-1+deb10u6.

We recommend that you upgrade your qtbase-opensource-src packages.

For the detailed security status of qtbase-opensource-src please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/qtbase-opensource-src

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian10amd64libqt4-sql-sqlite< 4:4.8.7+dfsg-18+deb10u2libqt4-sql-sqlite_4:4.8.7+dfsg-18+deb10u2_amd64.deb
Debian10armhfqt4-default< 4:4.8.7+dfsg-18+deb10u2qt4-default_4:4.8.7+dfsg-18+deb10u2_armhf.deb
Debian10i386libqt4-sql-ibase< 4:4.8.7+dfsg-18+deb10u2libqt4-sql-ibase_4:4.8.7+dfsg-18+deb10u2_i386.deb
Debian10arm64qt4-qmlviewer< 4:4.8.7+dfsg-18+deb10u2qt4-qmlviewer_4:4.8.7+dfsg-18+deb10u2_arm64.deb
Debian10amd64libqt4-svg< 4:4.8.7+dfsg-18+deb10u2libqt4-svg_4:4.8.7+dfsg-18+deb10u2_amd64.deb
Debian10amd64libqt4-declarative-particles< 4:4.8.7+dfsg-18+deb10u2libqt4-declarative-particles_4:4.8.7+dfsg-18+deb10u2_amd64.deb
Debian10amd64libqt4-xml< 4:4.8.7+dfsg-18+deb10u2libqt4-xml_4:4.8.7+dfsg-18+deb10u2_amd64.deb
Debian10i386libqt4-designer-dbg< 4:4.8.7+dfsg-18+deb10u2libqt4-designer-dbg_4:4.8.7+dfsg-18+deb10u2_i386.deb
Debian10amd64libqt4-sql-sqlite2< 4:4.8.7+dfsg-18+deb10u2libqt4-sql-sqlite2_4:4.8.7+dfsg-18+deb10u2_amd64.deb
Debian10arm64libqt5dbus5< 5.11.3+dfsg1-1+deb10u6libqt5dbus5_5.11.3+dfsg1-1+deb10u6_arm64.deb
Rows per page:
1-10 of 2511

Related

osv 13
nessus 51
openvas 25
almalinux 4
redhat 5
oraclelinux 4
fedora 11
gentoo 2
mageia 2
debian 1
debiancve 7
ubuntucve 7
cvelist 7
cve 7
prion 7
nvd 7
qt 4
redos 1
redhatcve 5
cbl_mariner 11
alpinelinux 2
freebsd 1
amazon 6
vulnrichment 2
veracode 2
ibm 2
osv
osv
qtbase-opensource-src - security update
2024-05-01 00:00:00
Moderate: qt5-qtbase security update
2023-11-14 00:00:00
Moderate: qt5 security and bug fix update
2023-11-07 00:00:00
nessus
nessus
Debian dla-3805 : libqt5concurrent5 - security update
2024-05-01 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libqt5-qtbase (SUSE-SU-2023:2982-1)
2023-07-27 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : qt6-base (SUSE-SU-2023:3380-1)
2023-08-23 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3805-1)
2024-05-01 00:00:00
openSUSE: Security Advisory for libqt5 (SUSE-SU-2023:2982-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:3207-1)
2023-08-08 00:00:00
almalinux
almalinux
Moderate: qt5-qtbase security update
2023-11-14 00:00:00
Moderate: qt5 security and bug fix update
2023-11-07 00:00:00
Moderate: qt5-qtbase security update
2024-05-22 00:00:00
redhat
redhat
(RHSA-2023:6967) Moderate: qt5-qtbase security update
2023-11-14 08:41:31
(RHSA-2023:6369) Moderate: qt5 security and bug fix update
2023-11-07 06:03:15
(RHSA-2024:3056) Moderate: qt5-qtbase security update
2024-05-22 06:35:28
oraclelinux
oraclelinux
qt5-qtbase security update
2023-11-17 00:00:00
qt5 security and bug fix update
2023-11-12 00:00:00
qt5-qtbase security update
2024-05-02 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: mingw-qt5-qtbase-5.15.10-4.fc37
2023-08-30 01:27:54
[SECURITY] Fedora 37 Update: qt5-qtbase-5.15.9-3.fc37
2023-05-24 01:15:12
[SECURITY] Fedora 38 Update: qt5-qtbase-5.15.9-3.fc38
2023-05-18 01:59:19
gentoo
gentoo
QtNetwork: Multiple Vulnerabilities
2024-02-18 00:00:00
QtGui: Multiple Vulnerabilities
2024-02-03 00:00:00
mageia
mageia
Updated qtbase5 packages fix security vulnerability
2023-05-31 09:41:32
Updated qtbase5 packages fix security vulnerability
2023-02-21 00:25:36
debian
debian
[SECURITY] [DLA 3539-1] qt4-x11 security update
2023-08-22 22:40:50
debiancve
debiancve
CVE-2023-51714
2023-12-24 21:15:25
CVE-2023-32763
2023-05-28 23:15:09
CVE-2023-24607
2023-04-15 01:15:07
ubuntucve
ubuntucve
CVE-2023-51714
2023-12-24 00:00:00
CVE-2023-24607
2023-04-15 00:00:00
CVE-2023-38197
2023-07-13 00:00:00
cvelist
cvelist
CVE-2023-51714
2023-12-24 00:00:00
CVE-2023-24607
2023-04-15 00:00:00
CVE-2023-37369
2023-08-20 00:00:00
cve
cve
CVE-2023-24607
2023-04-15 01:15:07
CVE-2023-38197
2023-07-13 02:15:09
CVE-2023-51714
2023-12-24 21:15:25
prion
prion
Code injection
2023-04-15 01:15:00
Integer overflow
2023-12-24 21:15:00
Privilege escalation
2023-07-13 02:15:00
nvd
nvd
CVE-2023-32763
2023-05-28 23:15:09
CVE-2023-24607
2023-04-15 01:15:07
CVE-2023-38197
2023-07-13 02:15:09
qt
qt
Security advisory: Potential Integer Overflow in Qt's HTTP2 implementation
2024-01-02 00:00:00
Security advisory: QXmlStreamReader
2023-07-07 00:00:00
Security Advisory: Qt Network
2023-05-23 00:00:00
redos
redos
ROS-20240606-09
2024-06-06 00:00:00
redhatcve
redhatcve
CVE-2023-37369
2023-08-16 13:49:04
CVE-2023-24607
2023-04-17 06:00:38
CVE-2023-38197
2023-07-19 07:37:40
cbl_mariner
cbl_mariner
CVE-2023-32763 affecting package qt5-qtbase for versions less than 5.12.11-8
2023-05-25 09:38:10
CVE-2023-32763 affecting package qt5-qtbase 5.12.11-5
2023-06-27 21:25:25
CVE-2023-24607 affecting package qt5-qtbase 5.12.11-3
2023-05-03 19:35:26
alpinelinux
alpinelinux
CVE-2023-32763
2023-05-28 23:15:09
CVE-2023-32762
2023-05-28 23:15:09
freebsd
freebsd
QtNetwork -- potential buffer overflow
2023-12-14 00:00:00
amazon
amazon
Medium: qt5-qtbase
2024-01-19 01:51:00
Medium: qt5-qtbase
2023-05-11 17:49:00
Important: qt5-qtbase
2024-04-24 22:15:00
vulnrichment
vulnrichment
CVE-2023-24607
2023-04-15 00:00:00
CVE-2023-37369
2023-08-20 00:00:00
veracode
veracode
Denial Of Services (DoS)
2023-06-04 19:34:12
Insecure Handling Of Strict-Transport-Security Header
2023-06-04 19:34:21
ibm
ibm
Security Bulletin: Netcool Operations Insights 1.6.12 addresses multiple security vulnerabilities.
2024-04-02 11:06:22
Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps
2024-01-31 19:31:55

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.7%

JSON
Related for DEBIAN:DLA-3805-1:830CD
osv13nessus51openvas25almalinux4redhat5oraclelinux4fedora11gentoo2mageia2debian1debiancve7ubuntucve7cvelist7cve7prion7nvd7qt4redos1redhatcve5cbl_mariner11alpinelinux2freebsd1amazon6vulnrichment2veracode2ibm2