Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-37369HistoryAug 20, 2023 - 7:15 a.m.
CVE-2023-37369
2023-08-2007:15:08
Debian Security Bug Tracker
security-tracker.debian.org
26
qt
xml parsing
vulnerability
application crash
qxmlstreamreader
crafted xml
prefix length
0.001 Low
EPSS
Percentile
25.8%
In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | all | qt4-x11 | <Â 4:4.8.7+dfsg-18+deb10u2 | qt4-x11_4:4.8.7+dfsg-18+deb10u2_all.deb |
| Debian | 12 | all | qt6-base | <=Â 6.4.2+dfsg-10 | qt6-base_6.4.2+dfsg-10_all.deb |
| Debian | 999 | all | qt6-base | <Â 6.4.2+dfsg-20 | qt6-base_6.4.2+dfsg-20_all.deb |
| Debian | 13 | all | qt6-base | <Â 6.4.2+dfsg-20 | qt6-base_6.4.2+dfsg-20_all.deb |
| Debian | 12 | all | qtbase-opensource-src | <=Â 5.15.8+dfsg-11 | qtbase-opensource-src_5.15.8+dfsg-11_all.deb |
| Debian | 11 | all | qtbase-opensource-src | <=Â 5.15.2+dfsg-9 | qtbase-opensource-src_5.15.2+dfsg-9_all.deb |
| Debian | 10 | all | qtbase-opensource-src | <Â 5.11.3+dfsg1-1+deb10u6 | qtbase-opensource-src_5.11.3+dfsg1-1+deb10u6_all.deb |
| Debian | 999 | all | qtbase-opensource-src | <Â 5.15.10+dfsg-3 | qtbase-opensource-src_5.15.10+dfsg-3_all.deb |
| Debian | 13 | all | qtbase-opensource-src | <Â 5.15.10+dfsg-3 | qtbase-opensource-src_5.15.10+dfsg-3_all.deb |
| Debian | 12 | all | qtbase-opensource-src-gles | <=Â 5.15.8+dfsg-3 | qtbase-opensource-src-gles_5.15.8+dfsg-3_all.deb |
Related
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libqt5-qtbase (SUSE-SU-2023:4950-1)
2023-12-22 00:00:00
Fedora 37 : mingw-qt5-qtbase (2023-fd45b50121)
2023-08-30 00:00:00
Fedora 38 : qt5-qtbase (2023-04d519d0b3)
2023-08-18 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: qt5-qtbase-5.15.10-5.fc38
2023-08-18 01:59:53
[SECURITY] Fedora 38 Update: mingw-qt5-qtbase-5.15.10-4.fc38
2023-08-30 01:37:29
[SECURITY] Fedora 37 Update: mingw-qt5-qtbase-5.15.10-4.fc37
2023-08-30 01:27:54
redhatcve
redhatcve
CVE-2023-37369
2023-08-16 13:49:04
openvas
openvas
Fedora: Security Advisory for mingw-qt5-qtbase (FEDORA-2023-0e68827d36)
2023-08-30 00:00:00
Fedora: Security Advisory for qt5-qtbase (FEDORA-2023-04d519d0b3)
2023-08-19 00:00:00
openSUSE: Security Advisory for libqt5 (SUSE-SU-2023:4951-1)
2024-03-04 00:00:00
cvelist
cvelist
CVE-2023-37369
2023-08-20 00:00:00
osv
osv
CVE-2023-37369
2023-08-20 07:15:08
Moderate: qt5-qtbase security update
2023-11-14 00:00:00
Moderate: qt5 security and bug fix update
2023-11-07 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-37369 affecting package qt5-qtbase for versions less than 5.12.11-9
2023-08-10 16:37:57
amazon
amazon
Important: qt5-qtbase
2024-04-24 22:15:00
cve
cve
CVE-2023-37369
2023-08-20 07:15:08
prion
prion
Design/Logic Flaw
2023-08-20 07:15:00
ubuntucve
ubuntucve
CVE-2023-37369
2023-08-20 00:00:00
oraclelinux
oraclelinux
qt5-qtbase security update
2023-11-17 00:00:00
qt5 security and bug fix update
2023-11-12 00:00:00
almalinux
almalinux
Moderate: qt5-qtbase security update
2023-11-14 00:00:00
Moderate: qt5 security and bug fix update
2023-11-07 00:00:00
redhat
redhat
(RHSA-2023:6967) Moderate: qt5-qtbase security update
2023-11-14 08:41:31
(RHSA-2023:6369) Moderate: qt5 security and bug fix update
2023-11-07 06:03:15
debian
debian
[SECURITY] [DLA 3539-1] qt4-x11 security update
2023-08-22 22:41:19
[SECURITY] [DLA 3805-1] qtbase-opensource-src security update
2024-04-30 23:30:28
ibm
ibm