Debian dla-3805 : libqt5concurrent5 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3805 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3805-1 [email protected]...

GLSA-202402-03 : QtGui: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202402-03 QtGui: Multiple Vulnerabilities - Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath called from QRasterPaintEngine::fill and QPaintEngineEx::stroke. CVE-2021-38593 - An...

Debian dla-3539 : libqt4-dbg - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3539 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3539-1 [email protected]...

OESA-2023-1489 qt5-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. The affected versions are 5.x before 5.15.13, 6.x before 6.2.8, and 6.3.x before...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libqt5-qtbase (SUSE-SU-2023:2982-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2982-1 advisory. - Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugi...

Amazon Linux 2 : qt5-qtbase (ALAS-2023-2159)

The version of qt5-qtbase installed on the remote host is prior to 5.9.2-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2159 advisory. In QT, there is an integer overflow in qfixedp.h when rendering SVG image on the minimal plugin. CVE-2023-32763 Tenable has...

SUSE SLES15 Security Update : libqt5-qtbase (SUSE-SU-2023:2860-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2860-1 advisory. - An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside...

SUSE-SU-2023:2860-1 Security update for libqt5-qtbase

This update for libqt5-qtbase fixes the following issues: - CVE-2023-32763: Fixed overflow in QTextLayout bsc1211798...

SUSE SLES12 Security Update : libqt5-qtbase (SUSE-SU-2023:2816-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2816-1 advisory. - CVE-2020-24741: Fixed a bug that allow QLibrary to load libraries relative to CWD which could result in arbitrary code execution...

Denial Of Services (DoS)

qt6-qtbase is vulnerable to Denial Of Services DoS. The vulnerability exists When an SVG file with an image inside it is rendered, which allows an attacker to cause an application crash through the buffer overflow in QTextLayout...

MGASA-2023-0190 Updated qtbase5 packages fix security vulnerability

Qt Network incorrectly parses the strict-transport-security HSTS header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match. CVE-2023-32762 QTextLayout buffer overflow in SVG file...

An issue was discovered in Qt before 5.15.15 6.x before 6.2.9 and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered a QTextLayout buffer overflow can be triggered.

...

DEBIAN-CVE-2023-32763

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered...

UBUNTU-CVE-2023-32763

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered...

Buffer overflow

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered...

CVE-2023-32763

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered...

CVE-2023-32763

CVE-2023-32763 affects Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. A vulnerability in SVG rendering triggers a QTextLayout buffer overflow when an image is inside the SVG. The issue is documented across multiple advisories; concrete exploit details are not provided ...

CVE-2023-32763

An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered...

Fedora 37 : qt5-qtbase (2023-f42087b533)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-f42087b533 advisory. Fixes CVE-2023-32762 and CVE-2023-32763. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...