3 matches found
K000148809: Qt vulnerabilities CVE-2023-38197 and CVE-2023-37369
Security Advisory Description CVE-2023-38197 An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion. CVE-2023-37369 In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2,...
Two Qt security advisories: GDI Font Engine & WebP image format
An issue on Windows with the GDI font engine has been reported and has been assigned the CVE id CVE-2023-43114. When corrupt font data is passed to the GDI font engine via QFontDatabase::addApplicationFontFromData then it can trigger a crash in the application. Solution: As a workaround, validate...
Security advisory: QXmlStreamReader
A recently reported potential buffer overflow issue in QXmlStreamReader has been assigned the CVE id CVE-2023-38197. QXmlStreamReader can freeze or get out of memory on recursive entity expansion, with DTD tokens in XML body. Solution: Apply the attached patch or update to Qt 5.15.15, Qt 6.2.10, ...