Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : QT WebEngine vulnerability (USN-8347-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8347-1 advisory. It was discovered that the vendored LibTIFF in QT WebEngine incorrectly handled memory when parsing malformed TIFF...

USN-8347-1: QT WebEngine vulnerability

It was discovered that the vendored LibTIFF in QT WebEngine incorrectly handled memory when parsing malformed TIFF image metadata. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information, or execute arbitrary code...

USN-8347-1 qtwebengine-opensource-src vulnerability

It was discovered that the vendored LibTIFF in QT WebEngine incorrectly handled memory when parsing malformed TIFF image metadata. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information, or execute arbitrary code...

FreeBSD : qt6-webengine -- multiple vulnerabilities (738f5590-550c-11f1-9f97-3fa0ea3edd7d)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 738f5590-550c-11f1-9f97-3fa0ea3edd7d advisory. Qt qtwebengine-chromium repo reports: Backports for 262 security bugs in Chromium: Tenable has...

[SECURITY] Fedora 44 Update: qt6-qtwebengine-6.10.3-1.fc44

Qt6 - QtWebEngine components...

FreeBSD : qt6-webengine -- multiple vulnerabilities (73ff246b-04b2-11f1-84fc-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 73ff246b-04b2-11f1-84fc-4ccc6adda413 advisory. Qt qtwebengine-chromium repo reports: Backports for 7 security bugs in Chromium: Tenable has...

qt6-webengine -- multiple vulnerabilities

Qt qtwebengine-chromium repo reports: Backports for 7 security bugs in Chromium: CVE-2025-13638: Prevent media element GC in callbacks in WebMediaPlayerMS CVE-2025-13639: Improve validation of SDP direction in remote description CVE-2025-13720: Avoid downcasting Hash and Integrity reports...

[SECURITY] Fedora 42 Update: qt5-qtwebengine-5.15.19-2.fc42

Qt5 - QtWebEngine components...

Fedora 42 : deepin-qt5integration / deepin-qt5platform-plugins / dtkcore / etc (2025-976ccd79ae)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-976ccd79ae advisory. Qt 5.15.18 bugfix release. ---- Qt5 WebEngine update to 5.15.19. Tenable has extracted the preceding description block directly from the Fedora security...

FreeBSD : qt6-webengine -- Multiple vulnerabilities (c27c05a7-a0c8-11f0-8471-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the c27c05a7-a0c8-11f0-8471-4ccc6adda413 advisory. Qt qtwebengine-chromium repo reports: Backports for 9 security bugs in Chromium: Tenable has...

qt6-webengine -- Multiple vulnerabilities

Qt qtwebengine-chromium repo reports: Backports for 9 security bugs in Chromium: CVE-2025-9866: Determine whether to bypass redirect checks per request CVE-2025-10200: Use after free in Serviceworker CVE-2025-10201: Inappropriate implementation in Mojo CVE-2025-10500: Use after free in Dawn...

Linux Distros Unpatched Vulnerability : CVE-2015-1290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service...

FreeBSD : qt6-webengine -- Multiple vulnerabilities (edf83c10-83b8-11f0-b6e5-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the edf83c10-83b8-11f0-b6e5-4ccc6adda413 advisory. Qt qtwebengine-chromium repo reports: Backports for 25 security bugs in Chromium: Tenable has...

[SECURITY] Fedora 42 Update: qt6-qtwebengine-6.9.1-1.fc42

Qt6 - QtWebEngine components...

FreeBSD : qt6-webengine -- Multiple vulnerabilities (7cb6642c-0c5a-11f0-8688-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 7cb6642c-0c5a-11f0-8688-4ccc6adda413 advisory. Qt qtwebengine-chromium repo reports: Backports for 11 security bugs in Chromium: Tenable has...

[SECURITY] Fedora 42 Update: qt6-qtwebengine-6.8.2-4.fc42

Qt6 - QtWebEngine components...

qt6-webengine -- Multiple vulnerabilities

Qt qtwebengine-chromium repo reports: Backports for 11 security bugs in Chromium: CVE-2024-11477: 7-Zip Zstd decompression integer underflow CVE-2025-0762: Use after free in DevTools CVE-2025-0996: Inappropriate implementation in Browser UI CVE-2025-0998: Out of bounds memory access in V8...

openSUSE Security Advisory (openSUSE-SU-2025:0024-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

qt5-webengine -- Use after free in Compositing

Qt qtwebengine-chromium repo reports: Backports for 1 security bug in Chromium: CVE-2024-12694: Use after free in Compositing...

FreeBSD : qt6-webengine -- Multiple vulnerabilities (72b8729e-e134-11ef-9e76-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 72b8729e-e134-11ef-9e76-4ccc6adda413 advisory. Qt qtwebengine-chromium repo reports: Backports for 9 security bugs in Chromium: Tenable has...