Lucene search
GoogleOSV:SUSE-SU-2024:2873-1HistoryAug 12, 2024 - 8:03 a.m.
Security update for qt6-base
2024-08-1208:03:19
Google
osv.dev
1
security update
qt6-base
cve-2024-33861
modification of the stack
cve-2024-39936
information leakage
cve-2023-45935
null pointer dereference
CVSS3
8.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
AI Score
6.8
Confidence
Low
This update for qt6-base fixes the following issues:
- CVE-2024-33861: Fixed an invalid pointer being passed as a callback which coud lead to modification of the stack (bsc#1223917)
- CVE-2024-39936: Fixed information leakage due to process HTTP2 communication before encrypted() can be responded to (bsc#1227426)
- CVE-2023-45935: Fixed NULL pointer dereference in QXcbConnection::initializeAllAtoms() due to anomalous behavior from the X server (bsc#1222120)
Related
nessus
nessus
osv
osv
Security update for qt6-base
2024-08-12 08:04:10
Security update for libqt5-qtbase
2024-08-12 15:40:48
Security update for libqt5-qtbase
2024-08-12 15:41:26
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2890-1)
2024-08-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:2946-1)
2024-08-19 00:00:00
Fedora: Security Advisory (FEDORA-2024-c37b7a4e71)
2024-08-08 00:00:00
qt
qt
Security advisory: QStringConverter
2024-05-02 00:00:00
Security advisory: Recently discovered HTTP2 handling issue impacts Qt
2024-07-17 00:00:00
freebsd
freebsd
qt6-base (core module) -- Invalid pointer in QStringConverter
2024-05-02 00:00:00
nvd
nvd
CVE-2023-45935
2024-03-27 05:15:47
CVE-2024-39936
2024-07-04 21:15:10
ubuntucve
ubuntucve
CVE-2023-45935
2024-03-27 00:00:00
CVE-2024-39936
2024-07-04 00:00:00
cve
cve
CVE-2023-45935
2024-03-27 05:15:47
CVE-2024-39936
2024-07-04 21:15:10
debiancve
debiancve
CVE-2023-45935
2024-03-27 05:15:47
CVE-2024-39936
2024-07-04 21:15:10
alpinelinux
alpinelinux
CVE-2024-39936
2024-07-04 21:15:10
rocky
rocky
qt5-qtbase security update
2024-07-26 12:33:55
qt5-qtbase security update
2024-07-26 12:33:00
cvelist
cvelist
CVE-2024-39936
2024-07-04 00:00:00
CVE-2023-45935
2024-03-27 00:00:00
almalinux
almalinux
Important: qt5-qtbase security update
2024-07-18 00:00:00
Important: qt5-qtbase security update
2024-07-18 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: mingw-qt5-qtbase-5.15.14-4.fc40
2024-08-08 02:47:48
[SECURITY] Fedora 40 Update: qt6-qtbase-6.7.2-3.fc40
2024-07-11 01:16:15
[SECURITY] Fedora 39 Update: qt6-qtbase-6.6.2-2.fc39
2024-07-19 02:21:59
vulnrichment
vulnrichment
CVE-2023-45935
2024-03-27 00:00:00
CVE-2024-39936
2024-07-04 00:00:00
redhat
redhat
(RHSA-2024:4646) Important: qt5-qtbase security update
2024-07-18 15:18:17
(RHSA-2024:4623) Important: qt5-qtbase security update
2024-07-18 13:02:55
(RHSA-2024:4617) Important: qt5-qtbase security update
2024-07-18 12:54:10
oraclelinux
oraclelinux
qt5-qtbase security update
2024-09-09 00:00:00
qt5-qtbase security update
2024-07-18 00:00:00
qt5-qtbase security update
2024-07-18 00:00:00
redhatcve
redhatcve
CVE-2024-39936
2024-07-05 02:49:34
cbl_mariner
cbl_mariner
CVE-2024-39936 affecting package qtbase for versions less than 6.6.2-1
2024-07-24 00:12:29
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-07-31 19:41:25
CVSS3
8.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
AI Score
6.8
Confidence
Low
Related for OSV:SUSE-SU-2024:2873-1