14 matches found
Ubuntu: Security Advisory (USN-8076-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-8076-1 qtbase-opensource-src vulnerabilities
It was discovered that Qt did not correctly handle OpenSSL's error queue. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 20.04 LTS. CVE-2020-13962 It was discovered that Qt incorrectly handled certain XBM image files. If a user or...
CVE-2020-13962 affecting package qt5-qtsvg for versions less than 5.12.11-3
CVE-2020-13962 affecting package qt5-qtsvg for versions less than 5.12.11-3. An upgraded version of the package is available that resolves this issue...
AlmaLinux 8 : qt5-qtbase and qt5-qtwebsockets (ALSA-2020:4690)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4690 advisory. - Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to...
SUSE: Security Advisory (SUSE-SU-2020:2357-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : qt5-qtbase and qt5-qtwebsockets (RHSA-2020:4690)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4690 advisory. Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt...
qt5-qtbase and qt5-qtwebsockets security and bug fix update
An update is available for qt5-qtwebsockets. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Qt is a software toolkit for developing applications. The qt5-base...
Moderate: qt5-qtbase and qt5-qtwebsockets security and bug fix update
Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt: XML entity expansion vulnerability CVE-2015-9541 qt5-qtwebsockets: websocket implementation allows only limited size for frames and...
Fedora: Security Advisory for mumble (FEDORA-2020-f869e01557)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : libqt5-qtbase (openSUSE-2020-1319)
This update for libqt5-qtbase fixes the following issues : - Fixed a possible crash in certificate parsing. - Fixed a DoS in QSslSocket bsc1172726, CVE-2020-13962. - Added support for PostgreSQL 12 bsc1173758. This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable...
openSUSE: Security Advisory for libqt5-qtbase (openSUSE-SU-2020:1319-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : libqt5-qtbase (SUSE-SU-2020:2357-1)
This update for libqt5-qtbase fixes the following issues : Fixed a possible crash in certificate parsing. Fixed a DoS in QSslSocket bsc1172726, CVE-2020-13962. Added support for PostgreSQL 12 bsc1173758. Note that Tenable Network Security has extracted the preceding description block directly fro...
CVE-2020-13962
Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails...
CVE-2020-13962
CVE-2020-13962 affects Qt 5.12.2–5.14.2 as used in unofficial builds of Mumble 1.3.0 and other products. The issue arises from mishandling OpenSSL’s error queue, causing a denial of service to QSslSocket users and, due to error leakage across sessions, potentially disconnecting another session wh...