Lucene search

[email protected]NVD:CVE-2023-32763

HistoryMay 28, 2023 - 11:15 p.m.

CVE-2023-32763

2023-05-2823:15:09

CWE-120

[email protected]

web.nvd.nist.gov

svg

buffer overflow

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.9%

JSON

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.

Affected configurations

NVD

Node

qtqtRange<5.15.15

qtqtRange6.0.0–6.2.9

qtqtRange6.3.0–6.5.1

References

codereview.qt-project.org/c/qt/qtbase/+/476125

lists.debian.org/debian-lts-announce/2023/08/msg00028.html

lists.debian.org/debian-lts-announce/2024/04/msg00027.html

lists.qt-project.org/pipermail/announce/2023-May/000413.html

security.gentoo.org/glsa/202402-03

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.9%

JSON

Related for NVD:CVE-2023-32763

debiancve1 nessus12 alpinelinux1 cbl_mariner3 osv3 openvas10 amazon1 cve1 ubuntucve1 veracode1 prion1 cvelist1 gentoo1 fedora2 mageia1 debian2